Extracted

• • Target

    def90bf80539c7d3d3be37f3bccb58de9a56610dad28af52d72fbbe723ca5452.exe

  • Size

    84KB

  • MD5

    7043755489f0c281adc0702cbf030b65

  • SHA1

    74822be5cbed58689d4475102429ca00fac4184d

  • SHA256

    def90bf80539c7d3d3be37f3bccb58de9a56610dad28af52d72fbbe723ca5452

  • SHA512

    4e91d1d6507a5eb43cadc9c901a9c75bf6972d02ca1be19a2ff6ec74b58ada433cc2998af3c98c84f05a167a4ba5698f9bab9cb629bd6be63af518177308b2ab

  • SSDEEP

    1536:+21zbY3/rKpYFJFQUBQr6GE90DinU8TpoaXSREXHfVPfMVwNKT1iqWUPGc4T7VLF:NNHpYFJ+AQWGEqinpFtCREXdXNKT1nto

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2