Extracted

• • Target

    d06cc64305847ad5665ac3616b81a33d13c7b4262594dd04118a1a004503d773N.exe

  • Size

    250KB

  • MD5

    27a86433cf70b36ff4e16f84df40d8c0

  • SHA1

    f2df2961969e1dd8f9db62d8b4a5b95a9ba3b42c

  • SHA256

    d06cc64305847ad5665ac3616b81a33d13c7b4262594dd04118a1a004503d773

  • SHA512

    ac30f9a8b922bf6057552892a2c0b6076f67083cf19a8181192db88bd17464d3a78d9292dce69524b998d49ab5cc49841b187768d66b6baf40c25ea1273855c2

  • SSDEEP

    6144:vqTeK45vCvfmZ7KRRRGBCvfmZ7KFpNlJTBCvfmZ7d:STew

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2