Extracted

• • Target

    e9d98978ff81f9cba01981d41be14cf7f4feab5b516a0a03f9f530e4f08752c0.exe

  • Size

    142KB

  • MD5

    96cdbaabeb5f3e9501d776863f5d5271

  • SHA1

    2a58e80f2ab6b41baac0c6f53202962c05a20f9c

  • SHA256

    e9d98978ff81f9cba01981d41be14cf7f4feab5b516a0a03f9f530e4f08752c0

  • SHA512

    73444a993bc6e54567c3d45243db6d6eb77ab5af0a65e650a1b433d17b447f757f87f4a20020070836117b8b3e8eec38477a3f9b6a0f863e858e4f6a92cf0965

  • SSDEEP

    3072:+PT2XBzDMo0Qc4EgsIUw8YkAMo0Qc4sIUw8AMo0Qc4EIUw8YkAMo0Qc4EgsIUm++:+PT2Xd8R2TGjYF3azNPXPXTGjYu

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2