Extracted

• • Target

    6ec43d7c695510ba12d88622254708db9b17fb4e5b3ffc0a8647db9ba914016b

  • Size

    64KB

  • MD5

    810ce960209b0ea063d595c8e5b0a527

  • SHA1

    a101df1eb17bbe97a91902467df688e2ad40d307

  • SHA256

    6ec43d7c695510ba12d88622254708db9b17fb4e5b3ffc0a8647db9ba914016b

  • SHA512

    d7654ba23315eac587a6cc036bbfe430d34d6f7f289455459c8b98c6f3961499e5ecf4eebe1c5efacb67380831200115f6353dcb7ae0b00f0c400a6b4366613b

  • SSDEEP

    1536:6zpFnRIpBR26xkH44G5aqjjcsv8atsb/t9X8DGg9JUkXUwXfzwP:6VFnKpBsFVrTFAPzwP

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2