Extracted

• • Target

    6d981fb4ea55a0ca5d35108f0f69adbaf02089879807fb82157e8e62acbcb7b7.exe

  • Size

    55KB

  • MD5

    e51a0a8ff41fa14307f810db3303c79d

  • SHA1

    f3328ac54427bc778b86a2d297c1427b3be123cd

  • SHA256

    6d981fb4ea55a0ca5d35108f0f69adbaf02089879807fb82157e8e62acbcb7b7

  • SHA512

    d705d93f6c06ece90ca46bebb7206b403e2186168303fdcaecc9fe990cdef7a792ce2ec8d092ecc76c44a5993803df2b3159f0580d0cbbd06a92e73432d01b6e

  • SSDEEP

    1536:1Gc0rvkElu/XexYhoX8Yh6koT8or2iOaGyeqWCu6mS+K2iOaGyWCu6mK2iOaGyeY:1h0rvdufexYCa2iOaGyeqWCu6mS+K2iF

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2