Extracted

• • Target

    a88a334921299a9237abf46dca0f6f96f39fc3758c69be3985f39c8eb956e05aN

  • Size

    96KB

  • MD5

    dbe62f3fdf5913f5051adc485ed6fe00

  • SHA1

    3464bd77e0e4ec10df6e78c3b6614cbd86017ea2

  • SHA256

    a88a334921299a9237abf46dca0f6f96f39fc3758c69be3985f39c8eb956e05a

  • SHA512

    fe3d88f25292322c75a054742dfb9962ac4d88f4b59c68957983085e93c74be3ef3431e947bc186bdc2a7628933245e3a833186cca3bdbd0f7bc50d17e12e0e6

  • SSDEEP

    1536:sXu/Ne4lthJev3OQAipIgv94PErwsvgBDjoj1uS/BOm6MCMy0QiLiizHNQNdq:sKlLJeVpRqsoBDj45Om6MCMyELiAHONM

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2