Extracted

• • Target

    d482f26415d025caf65baa88207b2de1d184bdaf0c100b824975677586ddc51cN.exe

  • Size

    465KB

  • MD5

    df5de584f840f1eec5dd0686dfd52300

  • SHA1

    1745cf56e6b8e91aee82031568d62da4d3459891

  • SHA256

    d482f26415d025caf65baa88207b2de1d184bdaf0c100b824975677586ddc51c

  • SHA512

    8cad4bea5bfb2b75f0c91cf5c3dd9386acaf00fe364e8455ffe3235bd660884cb6f23771f482172a2fc230c5251ed28a3515c4afa82dcf42a8a16522b85d6feb

  • SSDEEP

    6144:PxiM5AEhwqOOVF5V4lKjIbvBhRJfzSf9x7N/I7b9M:PMM5AErO8LKlUmpRe94a

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2