Extracted

• • Target

    162e0c90feddd39dbbbbbb988319bd65f66f260181661c3ceb0863c9c2fc4fad.exe

  • Size

    84KB

  • MD5

    7ba94f50c54ee5d21fad0e229c271761

  • SHA1

    183b2db1f580cbf3385ce0e07fa9ba560a1432f4

  • SHA256

    162e0c90feddd39dbbbbbb988319bd65f66f260181661c3ceb0863c9c2fc4fad

  • SHA512

    5055085753335625c0a65f04fe2a0b0b970e8352493d31e0a695b81f2eb4fb553761844200fbd6a1eef8cb7cedfac118cefbfd132bcdc002079bc87650a5e86a

  • SSDEEP

    1536:RURGo/+AKVm4XsRcjkMZBtDXSREXHfVPfMVwNKT1iqWUPGc4T7VLP:ORxRKVm4c1MZBtDCREXdXNKT1ntPG9pb

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2