Extracted

• • Target

    7179cb7fdcedcddf1a6bd4f6644e2d6237a0049241937c5d79972809b55a1265

  • Size

    194KB

  • MD5

    6eb4d49fd911e84d243075faa22315a0

  • SHA1

    67484eba5b3611e44922abb457865c296486fe85

  • SHA256

    7179cb7fdcedcddf1a6bd4f6644e2d6237a0049241937c5d79972809b55a1265

  • SHA512

    dcfad5302b78687d3d0651c8014a97ad80c8fcdef5bb8c4edbb90118649652d3c34ab07b85d4835105e52995d0ca751966db72a6e56192d366703ab5a4891b3d

  • SSDEEP

    1536:8Zon+P3mJdUTxAE8SLvIumOZatMIM/5/KEatMIGuatMIc/zT4a5GV:80JalAE7vTmMIM/kEmMIGumMIc/1GV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2