Extracted

• • Target

    3f64443c39243c0dee1926e0d7ad30a509c2ab8a373c96006cf19b282bab5b93.exe

  • Size

    55KB

  • MD5

    91f52f1ebbb9bd08cd88a293a8478bc3

  • SHA1

    aa776be2040eba9d511cb9c38e3f8a2c7b345b1c

  • SHA256

    3f64443c39243c0dee1926e0d7ad30a509c2ab8a373c96006cf19b282bab5b93

  • SHA512

    7365cea6d1a935741449d52103125cde4db338e537e9a2c8666dfe1caa365af65961e60e2075d22bc2654208a8c33dbab5db9adb392e72a3c3df14ade61a2535

  • SSDEEP

    1536:ZBsJrcKcu2gkqAIiIEj13vh7/FGMSc6bcNSoNSd0A3shxD6a:ZBMclqAzjZv7GMYbcNXNW0A8hhb

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2