Extracted

• • Target

    6c19199dd28c894d5a8f0990486f7a22543a4b13b86c58755d744cff51d501e2.exe

  • Size

    90KB

  • MD5

    92c1b53d249c5427e1eaed3b28ba42bd

  • SHA1

    a73a6c136837b15fc26deeba6ee14bb3d64c69e1

  • SHA256

    6c19199dd28c894d5a8f0990486f7a22543a4b13b86c58755d744cff51d501e2

  • SHA512

    aaa0d7cbde1b3be30dcfb61c5e7b9442c473500c4b2b6a318edbb97a365e16df6da083a35062d7329992eca59e5e6fd6bd1fa292427e04183c01e7e75d792e76

  • SSDEEP

    1536:Xlhlk+HyXfUW7aZSttbGHO0g9WI9yVnQQC4fl8k/7TZPf:nlvSx2iGHO0uW83T498a7TZPf

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2