Extracted

• • Target

    3e130b4d29b217304916732a8cd9aab23d0542dd7390fe9c018dfb0804d1db5f.exe

  • Size

    42KB

  • MD5

    da8c241724f3b9d3f38e8b0b55ea65a5

  • SHA1

    79c8f54b92708fe714787d33531bffa812b734ad

  • SHA256

    3e130b4d29b217304916732a8cd9aab23d0542dd7390fe9c018dfb0804d1db5f

  • SHA512

    26e5031fbce4fde02e89cdd8fbd4d8c3d027bf104b66e1ccbb7b7fa45a3c2ba387f93c395b6c40b7b951ad6cf14090d89d4ff0cda1e90c600f383c94fd0a4e50

  • SSDEEP

    768:gDhYp951gBxLHYCVBOV12udHwc5nCTwU2imazV/1H51:gupnqvTU5ukq4iNr

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2