Extracted

• • Target

    TrojanDownloader.Win32.Berbew.pz-1edc5806d73b411ca3c82323bb2dd201662137316472059a21bb33073e6a14d2N

  • Size

    63KB

  • MD5

    2df3f404c8cfd6096d40c941b52c90f0

  • SHA1

    661c1966dd0641b68e1e603333bf370fee22bbbe

  • SHA256

    1edc5806d73b411ca3c82323bb2dd201662137316472059a21bb33073e6a14d2

  • SHA512

    bb3416d02938d8dae8beb0cb8d95e3197e8e259b39641d365f9051bf24034381f2a3a85da4613e96b6eb80688c66b1114ccab8d15a49709a5c092d04789719ae

  • SSDEEP

    1536:8b20S8/MNoPxtq2YG1Ks0wbZ+VoEn9rjDHE:8bXrMxG8stook9DHE

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2