Extracted

• • Target

    6a7a138d6c8542ad6763c56a9df76c6be4806226e2f75b5d907720ecfb501d6c

  • Size

    409KB

  • MD5

    efb39093de0da1a5504fa9999cdf1c80

  • SHA1

    3306078f15ff8f105c95efda43e965a9c67071eb

  • SHA256

    6a7a138d6c8542ad6763c56a9df76c6be4806226e2f75b5d907720ecfb501d6c

  • SHA512

    72aa238c1fa45f6365925f7d3dd0a1d98289490b3626eff30f5ce1283c52aa04c173cdf30f40a4e8248d6dc6df01bf13e2a98aa87dec4b365a127da35d9d148c

  • SSDEEP

    6144:+a/x/aZgZ0Wd/OWdPS2LStOshOWdPS2Ln:pTF5fC5L

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2