Extracted

• • Target

    66555ad71a19157fc560ac9669dd23ae0b2c35344bfd595e6a72bbae3b9f0e01.exe

  • Size

    128KB

  • MD5

    efbcfc314cecdbeda2646927908ca979

  • SHA1

    8327310b13f871432970aa3adb92b3f0cc26bc23

  • SHA256

    66555ad71a19157fc560ac9669dd23ae0b2c35344bfd595e6a72bbae3b9f0e01

  • SHA512

    2ccb9ae60853308278f43776896ad1c5863c08cdd485c8acca3e8a49ae3a99b13067efaf8f285e930e449e226791192d4bc8be342f39b99a9a03e8341c97beb7

  • SSDEEP

    3072:L2vo5+uzGsUasl0DrFDHZtOgxBOXXwwfBoD6N3h8N5GQ:qQ5+uhUaA05tTDUZNSN5Z

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2