Extracted

• • Target

    8a5331a12a4d1e11d1fe0c1afb44d9a62b1fd560c610714b4509617e31df8814.exe

  • Size

    88KB

  • MD5

    ae8cde720f5da210b740d47f00acf447

  • SHA1

    42823c3118b3431bf352cd39e78120fa52e23330

  • SHA256

    8a5331a12a4d1e11d1fe0c1afb44d9a62b1fd560c610714b4509617e31df8814

  • SHA512

    ea365d04bcad5106685af944815d44c51cc928ba957c2c25499e71c23e7c7431993ec23043dd4943c63a59a5c609a30020157208abc6ff40b5ddf44d5f1b795f

  • SSDEEP

    1536:pXMLSwx+4joJ2dOmjJpvG8dI27opJDwsR2qphwkACDaTpeuge5T1Gnouy8b:QSwx+4cmdjJpRSwsR2IVKT12outb

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2