Extracted

• • Target

    e69091a4b652d179d74feaab1b650803937bf9b66ce2b75317e7960ca5c9f643

  • Size

    1.2MB

  • MD5

    86488fb3943dda6c2c057db66bf0a16f

  • SHA1

    f5f5c90a33d43e08ecb1277ad22032e7fbea8ba6

  • SHA256

    e69091a4b652d179d74feaab1b650803937bf9b66ce2b75317e7960ca5c9f643

  • SHA512

    3e71bbdfd7873353008646402457947c734b37be3fb3e84c4c2d4763542b3fa0bd29ee1d889b2025471c71b7007355e69ea3b629267c1cd0e89636dfa3150665

  • SSDEEP

    12288:0HwM2UuHk8D1fIz7kzwFYvNA+XTvZHWuEo3oW2to:PzwFYv2EvZHp3oW2to

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2