Extracted

• • Target

    211203a5d1d7e62b6e5e6f8d7a4ef0392772d77d11bff8e596ccfdcc53759891.exe

  • Size

    264KB

  • MD5

    d9643ca7d69ccb8663c0a5895dac8475

  • SHA1

    3b93a37840cca913b790f58903ac78868a8e5175

  • SHA256

    211203a5d1d7e62b6e5e6f8d7a4ef0392772d77d11bff8e596ccfdcc53759891

  • SHA512

    aa56fd2f0b7fa8785092f5f9971d538c88d0765ef6206835ce771291362d4bf53101602d1cc32fad593b1aea99280d2b41300f0315d2b59357c20ffc946ccdb2

  • SSDEEP

    3072:XBe+bbnqqO+r24ho1mtye3lFDrFDHZtO8jJkiUi8ChpBhx5Zd424ho1mtye3lFDa:XYsLqqO+gsFj5tPNki9HZd1sFj5tw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2