Extracted

• • Target

    a69475c816ab3dec0cb519bbcf775c817eb862e653e10e063ad085b4beb862aa.exe

  • Size

    232KB

  • MD5

    73b61d8f0d6443f0cd8f4ab602ed6ec2

  • SHA1

    e3f4633f13d7c7d9751a4dc9475a94cd3894bf35

  • SHA256

    a69475c816ab3dec0cb519bbcf775c817eb862e653e10e063ad085b4beb862aa

  • SHA512

    a7aa5b4d2b8555eaeeba6b0da46370f03fb18bc64aef6617885d722020559eed8d914e928a103c1bf4f2be2ee917c5f91a0104675ed727c9cfeca627f6bee2e7

  • SSDEEP

    3072:673MoXVhcw3EdUquP7X7usluTXp6UF5wzec+tZOnU1/s5HH0AU/yRvS3u121Tzlp:673rcnd47X6s21L7/s50z/Wa3/PNlPV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2