Extracted

• • Target

    fd70400b04c13064a1d8db80e3cae357899ed47a20c5af13db693a9a63095295.exe

  • Size

    42KB

  • MD5

    413182402658d392c9cf216cbf925189

  • SHA1

    91f4f835a02f8c460ce7dca0493341528f5ab9cd

  • SHA256

    fd70400b04c13064a1d8db80e3cae357899ed47a20c5af13db693a9a63095295

  • SHA512

    8869def8bc09b732ed0e292a34818b1120c0ca13c1e6ce8b44b2860e3f85f79e5a53a3e766ab3b69934907f18a9809c37f9d393f6ae043dd4492274f4a213631

  • SSDEEP

    768:0cAZYMXNkig2NRM/U2p+T7HmegukZSUUdHumWe7XGiagxwQ8aOxeZoHsX/1H59O:kuMXNkiRQ/pegukZWdHure7vZC0rO

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2