Extracted

• • Target

    c9f9514fe6c54a5339bbaf44cef99a978abf26db277cda6939c03c92aa15369b

  • Size

    344KB

  • MD5

    ef1d65b1e5a329d3c79f82291fa6af65

  • SHA1

    e1983c1f71e2c54ef61482f1f69e0c3d84bcd90f

  • SHA256

    c9f9514fe6c54a5339bbaf44cef99a978abf26db277cda6939c03c92aa15369b

  • SHA512

    3e7ffedc06c57e9afaae2f252ee5bdc1f115f98e8d1e242083c0bea2770036a4eaa0545327c2eeefa467e8bd44b9a4a171d556e9488132a755ab73e9f781f248

  • SSDEEP

    6144:69mpYCpX2/mnbzvdLaD6OkPgl6bmIjlQFn:qCpXImbzQD6OkPgl6bmIjKn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2