Extracted

• • Target

    TrojanDownloader.Win32.Berbew.pz-00f5f9ce51a2475207d92ff5c9cd0767820a46a4c14d0871c4ffa4ad99ea2a9aN

  • Size

    67KB

  • MD5

    63145a195d0cc909f365f8c403d50c30

  • SHA1

    f8367320edef9ebb0c6438a8cd40e32ad30e03e9

  • SHA256

    00f5f9ce51a2475207d92ff5c9cd0767820a46a4c14d0871c4ffa4ad99ea2a9a

  • SHA512

    714096dd14fc810b242d552534663efc14beacf0d3828a224c1ea24bef17b3344ece6385ffcf1fe6326c3d4ba2375ffa0a1d57454bbd49527f7d3d7738be0379

  • SSDEEP

    1536:MncqYVoKVmFyXKvE7dLNj4o5GYsJifTduD4oTxw:Mcq/KFMExNj4o5GYsJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2