Extracted

• • Target

    c7d834a1531144a72952e03839e1afbaaa98ffd57ba8f8a428ed0546ce780538.exe

  • Size

    45KB

  • MD5

    f4993cb673176820a62c502a6f09c91f

  • SHA1

    77936404854c4e238bc337656c0fc57da4d9271c

  • SHA256

    c7d834a1531144a72952e03839e1afbaaa98ffd57ba8f8a428ed0546ce780538

  • SHA512

    b438a52398aaccb8656ddb97a413c80958e57204da419194ea8a8accbf6a09894bbe6c9fc728bedc691cef81e20ffaf8c4cd0002e0806f1c94aa0bc2c1b9e3cb

  • SSDEEP

    768:L4vElUpUmHsRx0Jgnvs2pZmbBXT9sMJx60I5MEBsFUFmW/1H5n:LUE90JgnfpZmbBmR5METm8F

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2