Extracted

• • Target

    838ffcde285fc20b5317820393fb77ae720d02238974c06c11c1aca6038adc65N.exe

  • Size

    92KB

  • MD5

    e8fd8ece0e612d8baf3413dd0f56d130

  • SHA1

    9d15ee087485c712c29064f62d08477bb0021de9

  • SHA256

    838ffcde285fc20b5317820393fb77ae720d02238974c06c11c1aca6038adc65

  • SHA512

    aa26bcd2683222c8dcd8e402e2e7e35ff57361659d8802b2181165411fbf8a8239a260aa579177e58141e3a01cc74b205001110dec67c89cf58b40ddd52c2526

  • SSDEEP

    1536:nLdCDgltUOKmW4uL/u0SnmmM9dk1TG2dG+eo1xC0GZFXUmSC2e3l+:LdogltZDuL/u0sm33k1TG24ho1mtye30

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2