Extracted

• • Target

    31d03e0ba8c4e10f964317c371fb56c6a8e9f2688f09331c991ec9b38d3285ed.exe

  • Size

    45KB

  • MD5

    aa5c6344798d979141178a814d26fa07

  • SHA1

    15f1dae1904d1e2f72d5f197ea5af8e1d0635625

  • SHA256

    31d03e0ba8c4e10f964317c371fb56c6a8e9f2688f09331c991ec9b38d3285ed

  • SHA512

    fe9b9b4939730ad2d1dc1681cab53a6c0a132f1e61c919dd6c7cd06ceae7f1fa808462f8b8ec9ef87421f7bb2aa1bb851f19e58ffb03ef4c4b425e2465c2f91a

  • SSDEEP

    768:mqs4JmXoGXWlpOYXnITCKnrk3NNlhPvSuWSse/Bdl/1H5SH:Dg4GXWlpOIKrk/rPamf/r8H

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2