Extracted

• • Target

    f00905e2c71016946c523418740c79d23c4f68aec504266e4dc2955296b0f371.exe

  • Size

    92KB

  • MD5

    970e68f9d04769cd64507f04b9eb9be3

  • SHA1

    277447b99da8da01c28f45376533e66f989036d2

  • SHA256

    f00905e2c71016946c523418740c79d23c4f68aec504266e4dc2955296b0f371

  • SHA512

    52ebecf79720644986c83619d2f7413febc8531182bd66cca32e5971e1a5c631ebc6da42147239ed4811b00a600c3ea1039efe3e750d55225e231c17ea0af333

  • SSDEEP

    1536:Wl2HI2i1X1E7X26OmT/2bdIlO7uXcNvvm5yw/Lb0OUrrQ35wNBUyVVy:0ODmvOQdL7usluTXp6Ut

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2