Extracted

• • Target

    e6b9995648d74aa0a35a9c439aaaa156368e7f80feea5a6f25090d2eae4f36d1

  • Size

    67KB

  • MD5

    13c55251a1af0d1fa8da4c02a3d808f2

  • SHA1

    5dab6d22fbbeeff5b4c5c680a7c884c4d8f10d61

  • SHA256

    e6b9995648d74aa0a35a9c439aaaa156368e7f80feea5a6f25090d2eae4f36d1

  • SHA512

    42c87a1de10ede1c328617b9c6540f8f1fcd3cc5d3bfaae9f4d5de207b8d1e0834d386bb4547d571b045a5d586fcac3e6a075f0646d55c17c39e682f47a5a8e0

  • SSDEEP

    1536:azYO9o7xG+LmfHa6aNyDtAP3rY/XLKRA0qccksJifTduD4oTxw:/YQg+LmfHazNMtAP7Y/5vZksJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2