Extracted

• • Target

    2c5e56a10e111bd3747c6922455fb65217a61dba1d223e93662064451a9c7bbcN

  • Size

    64KB

  • MD5

    edb4c475af7190b287461badcabcef40

  • SHA1

    42bfc0b2d0e27c1d384d26f98d88d8fdbcd73002

  • SHA256

    2c5e56a10e111bd3747c6922455fb65217a61dba1d223e93662064451a9c7bbc

  • SHA512

    94c9e73ce07ee3d3d1738312a6cb8fe486c3dab1b9df12e14a382df79f8ce4228b685834dc1c02136e9f09febf29ebfe39a90d11396de0254a22504d43bfc87e

  • SSDEEP

    1536:TkEu53FrZJXQAWx8ICTf2Pw0Tw6XUwXfzwv:wEi3RZJXwxLgIw0TNPzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2