Extracted

• • Target

    3ee9f8071cc8b76cd48099536b1e905ba2e5d2b7fc001c144ebbe771664d42d6.exe

  • Size

    97KB

  • MD5

    6faf9f15fa4c6d5e292a4ed9581560e7

  • SHA1

    ff34064c2d5d8a349a7403d0ebfe1df9d970ad1f

  • SHA256

    3ee9f8071cc8b76cd48099536b1e905ba2e5d2b7fc001c144ebbe771664d42d6

  • SHA512

    3634f8943db93f2916555dbecb3f84897369a83da28f26675eb2e2cff1eb6fc5363504c6f9c01473f3ffc554f45fae831999a9cc0afda5295d9f698764f7d776

  • SSDEEP

    1536:1MzkAjMe3jbbpIOBF27RfBVtzNM/XUwXfzwE57pvJXeYZw:OkAgybb/Q7RfBVtqbPzwm7pJXeKw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2