Extracted

• • Target

    eb819bdf88b5154571e03bdb592464612fc07c17a233e57e808fa17cdd68a374.exe

  • Size

    64KB

  • MD5

    dcf649573dbff10dc11ca7e387858e14

  • SHA1

    9ee256098afcf352c3cec9ce5ea404a9647aa377

  • SHA256

    eb819bdf88b5154571e03bdb592464612fc07c17a233e57e808fa17cdd68a374

  • SHA512

    6d776197df9006e23681e73549b045d167bc4ca7a203dab07d368c4729883598934e98860814d11da5aa6ad8f1a7dcaaa922ecd32d8ec84af0e9adf983d3b3e0

  • SSDEEP

    768:tJdG9SjaxOVDqVwgmn963a+eQ5IsxS/rbe/1H59fICyxlLBsLnw0ZFdGUYyykfWH:P9z+wRsRTysx4EOlLBsLnVLdGUHyNwm

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2