Extracted

• • Target

    c5e727fd6dcdb098095073b21bde77018b2799c4337dc662ae7c3d553052037c.exe

  • Size

    512KB

  • MD5

    21dcde62ccff091f94389158af1fce2d

  • SHA1

    880e7308fb25c71fbdfef4c4c88816aae5dbae92

  • SHA256

    c5e727fd6dcdb098095073b21bde77018b2799c4337dc662ae7c3d553052037c

  • SHA512

    f265eeb6065e7c1453fcd405473cc7f2217c62e2964579305d6cdde82bcd91692a3fc2fbc20eaa3723059031d8a77c0694694643481fb5de156e8d17917b0b04

  • SSDEEP

    6144:Mxz6yUZP8VU5tTO/ENURQPTlyl48pArv8kEVS1aHZ:MxzqUG5t1sI5yl48pArv8o45

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2