Extracted

• • Target

    356ab162821250442b7de9265fb6af90801905ee31aeafc42ab4bdfb9e00bcb1.exe

  • Size

    194KB

  • MD5

    67a85ad51f5507a96de669fc512c11ea

  • SHA1

    436de936ce6bd2e8dae899b9a3c17056dd370dc9

  • SHA256

    356ab162821250442b7de9265fb6af90801905ee31aeafc42ab4bdfb9e00bcb1

  • SHA512

    c649ee78c92f97cfc6e5f930f2bbb7c53b53db2e89964324f7ce7c72659572d02290fbdffa583f544782cad46bc21567676220997c99f79c56423b7be652cea3

  • SSDEEP

    3072:lWm0QF3/Uznnns1RumMIM/kEmMIGumMIc/1Gv:4cMjnniRu5/pbuh/Uv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2