Extracted

• • Target

    6901121b15694bc7524dcb108bfd7130fdab77d030865b911ff8d871545577fc

  • Size

    97KB

  • MD5

    fa7a8a86aa595068d961278beffee462

  • SHA1

    9bafebc15b508c4cd30972da4afd8a36c6580bd5

  • SHA256

    6901121b15694bc7524dcb108bfd7130fdab77d030865b911ff8d871545577fc

  • SHA512

    3bd628c0a82e44fcc0a8d3644733bb33c08ed829b14f6d3f59900fa23de694b6c7a4538f4a50f823115a1e9b5e043a321e5f71f748dd88855109459632d917db

  • SSDEEP

    3072:VfjNeeWUdY7mvjfBknXN0/CZgKfPzwm7pJXeKE:emLcgKHz/7zeD

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2