Extracted

• • Target

    7b6cd5b13e3d6a66b35d7dba71b936cbffbe516d112def726861466d4f38ab8eN.exe

  • Size

    409KB

  • MD5

    f7590251c7facd84f8717deb4de96e10

  • SHA1

    0e58e1c88496453277db78da49b14a4be518050c

  • SHA256

    7b6cd5b13e3d6a66b35d7dba71b936cbffbe516d112def726861466d4f38ab8e

  • SHA512

    c976e8278ffae1ed2358ee877c6e1fb14f3f55e8555e94872ad6e188855350e05fb34c21467da0b1857d231f0ce182876a27f3dbacbb9a84a1f18134a3164582

  • SSDEEP

    6144:ZI60oMZ0WdRcm4FmowdHoSuNZgZ0Wd/OWdPS2LStOshOWdPS2Lt:Z6h14wFHoS/F5fC55

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2