Extracted

• • Target

    TrojanDownloader.Win32.Berbew.pz-36f62a869d94462d15be15ae7ec00023db9eda8ce101f5bafad89ba673624f0dN

  • Size

    52KB

  • MD5

    60f6d842d5a99b8f340e1238cc63c870

  • SHA1

    7ba8a8467360e6fc21e39d43fc917eef2a6f58e1

  • SHA256

    36f62a869d94462d15be15ae7ec00023db9eda8ce101f5bafad89ba673624f0d

  • SHA512

    a3f272863cf11ec49d0383efec17df9af79a5f3d65bf3892203c213c910ce3f6e777a455b7ec2a2c30adba0edbd128185f0f58d17b14b3f0ac0f8f6a79db144d

  • SSDEEP

    768:w2i8Ry4ZP5IBFhQP2y2YznEVJMvAaX9fxusawDH/1H5F/snMABvKWe:vTRIThQP2y2YY3MvAaX+4mMAdKZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2