Extracted

• • Target

    086a2fd3619c538e44cd0fe15340ff0d12d4c5e45e2b4608bbcf99bfe2a45c79.exe

  • Size

    92KB

  • MD5

    10f9c7d16641a9b9353b986789fa4a25

  • SHA1

    a714c70dbd09ff09159faee8a1631fe40ac140ac

  • SHA256

    086a2fd3619c538e44cd0fe15340ff0d12d4c5e45e2b4608bbcf99bfe2a45c79

  • SHA512

    136823a2f2b748a4c074491472ab0da5f1e2d50c8465fe41edeb0fd3c045b21a6ae2023db3e3b0bf5a3ad6fdba8f033296f267bd75f264ade1a473d1db9316a1

  • SSDEEP

    1536:J9RhPpywklPl30ShbJ6XSsI9x1BHVQ2dG+eo1xC0GZFXUmSC2e3l+:5hE/Pd0ShVQ24ho1mtye3l+

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2