Extracted

• • Target

    c1eb1c5bb97b8d388ee2a031f65cab7d973b2bbb3fc10d8093fd20b043c731a8N

  • Size

    69KB

  • MD5

    d9fc35d9ab66d7292dcbbab4a8d38e80

  • SHA1

    0aeca0bf3ef395c0a426d49f21ffc58749468bb4

  • SHA256

    c1eb1c5bb97b8d388ee2a031f65cab7d973b2bbb3fc10d8093fd20b043c731a8

  • SHA512

    330f723a2aa56de9d7dabe1f649c66a4e24e7acdec865ef9db0e10f4e2a6d6f05afc24b82d596a52597ff0e9e4d01dfc1696ae4c099b4a8e85468ccef91c773e

  • SSDEEP

    1536:IItRDReHuGJ2qieA3TptuXoNein/GFZCeDAyY:IILYJ/A3TCXoNFn/GFZC1yY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2