Extracted

• • Target

    d54539b212b2f134da6b604bdfab0ab9436bc84775c16a0fb8164f5b594affbc.exe

  • Size

    481KB

  • MD5

    51877248e06513ba4e7756a381bf00a2

  • SHA1

    7ff64c93724b5052776eb7ec51d16ecf7276a9d2

  • SHA256

    d54539b212b2f134da6b604bdfab0ab9436bc84775c16a0fb8164f5b594affbc

  • SHA512

    7eac99ed1857a62e7e74ac9a2fdb511e2beec3f5b75f6f924b3fa4e5447c2debd0683bfa4cfc15d752fc82d9c64bba07058d5a4e465c8e6669753307ea70433d

  • SSDEEP

    12288:41s6/+zrWAI5KFum/+zrWAIAqWim/+zrWAI5KFV:P6m0BmmvFimm0m

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2