Extracted

• • Target

    630d255053b143ade8a9b42cae9b00c32ada6d9da8acf7986959cbb25765e91bN

  • Size

    320KB

  • MD5

    b466fae2f1b5a46d76368aa2e2d21270

  • SHA1

    f0e7fbc2a47d6a84f667c5dbd2f89a87bed30eb1

  • SHA256

    630d255053b143ade8a9b42cae9b00c32ada6d9da8acf7986959cbb25765e91b

  • SHA512

    baf9222f447d2ee91126def79d4b2c8fb7bdc69b7fe7ab1bb40aa102c04386b9b54b55d82fbf7d083fe3ff134c2f3fd5045daf6ee25d832ba1b50bcf715ffa6c

  • SSDEEP

    6144:RvRQxvOhFLgEVeYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/hP66qve6UK+42GD:bjFVeYr75lTefkY660fIaDZkY660f

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2