Extracted

• • Target

    f63206aeadf652ca09757431fe6bd470f97879c6de853db9cda73be17b446c27N

  • Size

    45KB

  • MD5

    f5f7e0d8cdf8599df643ce7e454fb470

  • SHA1

    bbad181034ec4e66e1ba1cee1f6fc19e513e2d90

  • SHA256

    f63206aeadf652ca09757431fe6bd470f97879c6de853db9cda73be17b446c27

  • SHA512

    425342f1b28ba8a20ce5a83b33f69159fc5667ecf5850c29a2d164c87994cdffed8414912af0dfeb1b4ed7cccd0c7228eb9cb885d264368359248de0c868e9be

  • SSDEEP

    768:DdgAJ+LoLvvI07DM1XtPWpq4u4EJoAJIpMYibLQ/SFvUJzwljAI/1H5p:BWoLo07Q19PXbJoAJI+YhbyljAOn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2