Extracted

• • Target

    9d8b0d6c02b7ece0e628ee1bb1e966fa3473fc38c0ef738f04bc55d9b183cc8b.exe

  • Size

    512KB

  • MD5

    4241318fbd467914ec87d8a7d4754f54

  • SHA1

    f8dc0cadfaa83a7d56a8e563e332b8ca00418400

  • SHA256

    9d8b0d6c02b7ece0e628ee1bb1e966fa3473fc38c0ef738f04bc55d9b183cc8b

  • SHA512

    ea176617df129ca51f2ebcb313aa1388d6ab13ec733c1db814bd6d1fc67ad83fe6fbd896ab0b8b4e4d4c4b8ff6687149aba9c2bd87b6ffd30ec7b7bbe0ade5ce

  • SSDEEP

    6144:O2853XBpnTfwNPbAvjDAcXxxXfY09cnEWPDZB:bQBpnchWcZB

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2