Extracted

• • Target

    c26d6556120f49702af3929072efa94d8dc17eb12832508468727bc27d95ee93.exe

  • Size

    85KB

  • MD5

    89627f068e314fb352b2fafd9934f9fd

  • SHA1

    5e2bf18d212b25119ecf08fc3b52771eb2a76f86

  • SHA256

    c26d6556120f49702af3929072efa94d8dc17eb12832508468727bc27d95ee93

  • SHA512

    ea7af0163172c101c0aeb3bb235088d321d51a29a77313df4af043c315b9f6aff538a34a660b874a10d89bb458e0a829bb871893a0feff3f6a7185749dd9afbb

  • SSDEEP

    1536:Sa+2oN5cF6zH9QvK6ClO7uXcNvvm5yw/Lb0OUrrQ35wNBR:SaboN5DOvXV7usluTXp6R

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2