Extracted

• • Target

    e865ae0a260bae269398e59ff7f19d361aae92e859f60e509baec5d2e23ada00

  • Size

    378KB

  • MD5

    9110eae66e904f4cf8e20dd3db3f0e4b

  • SHA1

    7dee52f0357a5ea4f16b6a29cd05886d74d6a3d6

  • SHA256

    e865ae0a260bae269398e59ff7f19d361aae92e859f60e509baec5d2e23ada00

  • SHA512

    d82d2a0802ad8cee64b93bd964873c2c583ef43a783f5145ef23fa8efbe3ffca821cbf4b03f8a9b12026b70ca74d9aee5d84c11c605f7ee1675bc7e2c9f3f407

  • SSDEEP

    6144:1e075EteYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/hP66qve6UK+42GTQMJSZE:I2KteYr75lTefkY660fIaDZkY660f2lO

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2