Extracted

• • Target

    bdb8ece0eb123a099a055626299b74ce4e40635662a256b6c35ab18fc2c88ebc.exe

  • Size

    379KB

  • MD5

    9da2909a76c7427624f0328fde91e8f1

  • SHA1

    452647c69035fd04540fffef99f348c5c1fa3132

  • SHA256

    bdb8ece0eb123a099a055626299b74ce4e40635662a256b6c35ab18fc2c88ebc

  • SHA512

    70e4c133c3d6747656549835710da1085c894b27f8162f23ef47ef042a4939356aa7544c8821a39b78be87baa8f1c599fd5cffeac54f5968e4783ca781bc90a3

  • SSDEEP

    6144:28BGrCKxLLli7O/0xLxli7O//yb1c3ccU0S6GyTgfiEkrE:5gP6vxr6lGHaXyTg6EkrE

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2