Extracted

• • Target

    5271e6f9a9447d963070e54ba16fc0fee62de2d037b1d7c1be65c92872b0eef4.exe

  • Size

    465KB

  • MD5

    2da1eeea07519b29947bc7d5540aa03a

  • SHA1

    d35e227f1dcf05857a9f4328c3e55fd1b8bcd3c1

  • SHA256

    5271e6f9a9447d963070e54ba16fc0fee62de2d037b1d7c1be65c92872b0eef4

  • SHA512

    a486195719bf815ba60e21744c9c62e9d0e7225a9a5f777897d3ec783ee8600c27e1bfa08261760b27109c6750191061af1043252cd7a6f00bfe0bcca7ae9c1c

  • SSDEEP

    6144:8f/8OpqOOVF5V4lKjIbvBhRJfzSf9x7N/I7b9M:8f/8VO8LKlUmpRe94K

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2