Extracted

• • Target

    e5190e48eb58095e703e38333ba0a9566fac7a3fa9e4eabfe592ad92d389e748.exe

  • Size

    64KB

  • MD5

    a5f9fc29b00a633a558613baff2d765c

  • SHA1

    b61c989239065de76e7e28fb1b55f57bcb423051

  • SHA256

    e5190e48eb58095e703e38333ba0a9566fac7a3fa9e4eabfe592ad92d389e748

  • SHA512

    c2c8fbb75b7aa94583e101fabd49790dc97bcebaa3ecdf192031c491785b555219da90aea0f5b8b2949ff1ad3aefcfcff8aed65b81153c740c41f53d03a16ebc

  • SSDEEP

    1536:oqc/ZlO9QDXSbF4JnE9D1wfMh3VtqtczNBLbwnYYYYYYYYYYYYYYAYYYYYYZjYYL:87O0K3FUA18+J

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2