Extracted

• • Target

    fc8d513cb86b1ec788329329dc015990ea31c4183e0dabe0c93a816e9c0310de.exe

  • Size

    64KB

  • MD5

    6471f2d7e1f2080f43a0c8b7b4cd6acf

  • SHA1

    f8564fc17a04991a593a07f7dbafe1aa738cdb19

  • SHA256

    fc8d513cb86b1ec788329329dc015990ea31c4183e0dabe0c93a816e9c0310de

  • SHA512

    dcee039c41ecbe6bec8a7fe97483bce0c75b5603eac1f5dd79c45a1e1a4bff111d07b63fecf6e29c370e081d62d8a716384e56220486979616c62b352ea53cfd

  • SSDEEP

    1536:DUJ9mfKo4ZcJdbvh+KlBgZjzdcepA9SXUwXfzws:29qKnOJ+KlBgrcem9WPzws

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2