Extracted

• • Target

    089333fc6b689a4685b2d18084efdcf31a102a74485052f8bef90cbadacac2f4N.exe

  • Size

    128KB

  • MD5

    6c064f024e21ea105538335e24c52090

  • SHA1

    4c8acd0fbe0f4873c3f8c8f467189e15026fc125

  • SHA256

    089333fc6b689a4685b2d18084efdcf31a102a74485052f8bef90cbadacac2f4

  • SHA512

    52b5c6261c4aced6cd641291becdd4420a5a4932b46e5a51c5c42173b9e1430879a5dd6dc98525e20e0419be56fd55c8d8e09deb60fd7d7553c09cf4c32bd1da

  • SSDEEP

    3072:7gsmiFIwlT1zl76+uBcIDrFDHZtOgxBOXXwwfBoD6N3h8N5Gg:ssjFIU1zlW+lA5tTDUZNSN57

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2