Extracted

• • Target

    c48576f532d18476353cd4b32e436da697a4eda328eebb696804de9703cc9d57.exe

  • Size

    91KB

  • MD5

    8d85adf4ad4a7a352e0fc6fa6f67cb91

  • SHA1

    da2485fc2dc887c9a6fe9270324715f63a68ee6d

  • SHA256

    c48576f532d18476353cd4b32e436da697a4eda328eebb696804de9703cc9d57

  • SHA512

    440eb2b8f89269d3b21572484667e92668d4da9eb371dd49e541108b2aea44b1373bbb121cb5f187a327d452c8382ed28cbb5861a2b861b15df81f789e618999

  • SSDEEP

    1536:1bjjX0+1naHozgXzOeP00bB8qaQ0f/gvZYa1mpeqa2GGcsSju2GfnX7:tjXVOmBQ0XgvmKBdGOj9Gfnr

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2