Extracted

• • Target

    e8b942616f32f9f84fc84cc0e48bf9f85ef50c89184d68be4890f33fea79c809

  • Size

    69KB

  • MD5

    6fa73e8cfd3372ba8c9b31d65748c8dd

  • SHA1

    efeb37a98df0228b529b2c65ce59c4018d6471db

  • SHA256

    e8b942616f32f9f84fc84cc0e48bf9f85ef50c89184d68be4890f33fea79c809

  • SHA512

    553a9f687b5caeb2452e9cc3ec2e1c3b426509e941605698acef2b7efc03909afc4026264c9f1b550653dbad804e88d70500385558bb6ba3faf23966eb3f59d4

  • SSDEEP

    1536:mqtz7pm8qgh8tKPA6PxzFdHNein/GFZCeDAyY:mqtz7Ugh8ePhFdHNFn/GFZC1yY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2