Extracted

• • Target

    cce03f36a83ed7bafa3bb05237d2fdee1dd62adc7c6443846225940c66b4e053.exe

  • Size

    409KB

  • MD5

    28304e825eea6560628749c920d5cfbe

  • SHA1

    ebb8327a36f19d1a0625fec2b8e1def9ad1b5ac5

  • SHA256

    cce03f36a83ed7bafa3bb05237d2fdee1dd62adc7c6443846225940c66b4e053

  • SHA512

    b6b2d37f546cd602fb6d38589e1299871d3e8dd06aceb45e9f800bdbf5a0623e84dc2d264c28256573f5d4b23dc18c2dda232d41afb0deca54cb5cf6eadd7b5f

  • SSDEEP

    3072:qrssok9Y/y8/41QUUZm8/41QrAoUZ4pWLB51jozFWLBggS2LHqlhTZNAqWBWhjow:WoNlZgZ0Wd/OWdPS2LStOshOWdPS2Ld

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2