Extracted

• • Target

    50a977aff033d2f524bcb2ceacf40fd144d586cd541636e99c013397d49596c9.exe

  • Size

    85KB

  • MD5

    39a4bdaaa72172c2833a2a4b4089c813

  • SHA1

    1ad61236848033d603e804358f76f6f63a0a65c3

  • SHA256

    50a977aff033d2f524bcb2ceacf40fd144d586cd541636e99c013397d49596c9

  • SHA512

    01d04b557de46ddc3c78cbbf825eb2946377eb91babaa9876c984a83eb5647183001ff4408b5ebf82d18972b3460dab30f4b99e3aec779a2d503ac96bd8c5f5e

  • SSDEEP

    1536:DI9fAoAXv6TCw+jUkdXnQbDlO7uXcNvvm5yw/Lb0OUrrQ35wNBB:efAoAyTC1TBQbs7usluTXp6B

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2