Extracted

• • Target

    f5705a63d0efd57afa6790f9863fd613377b47b8f2b4e235193443b01b58ecfa.exe

  • Size

    364KB

  • MD5

    afca33f2588a81502027bb5206073563

  • SHA1

    36c228298b3d819f54b0536ace24262e2e897ec1

  • SHA256

    f5705a63d0efd57afa6790f9863fd613377b47b8f2b4e235193443b01b58ecfa

  • SHA512

    502a75c64b486acfd52ecf97f6205715235c46374a98110edad137daa958ed760546186c999c9b8f7095cc24be1fc8243b218085fb012b8d8419d937a69f95e9

  • SSDEEP

    6144:B7WCq45DisFj5tT3sFxHnkO/ACmLksFj5tT3sF+:pWdwOs15tLs/EO/ACmgs15tLsw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2