Extracted

• • Target

    b6ae1d95b69e41c815850a026a85fcbeecb3a5e5c6b1d90fc852d73d76b8c165

  • Size

    45KB

  • MD5

    e5cac652a2b2dca7dd1fed0a5866b74a

  • SHA1

    a9a2c1fd7fabc750ab51b81714c079e0d6fdca50

  • SHA256

    b6ae1d95b69e41c815850a026a85fcbeecb3a5e5c6b1d90fc852d73d76b8c165

  • SHA512

    4dfd4854dc47ff362e1971fc4b8c376e137cfcaac67795abc214f43f3aeed91af53516f82632a82fc05800a36db86e022f6f62dcd6ae05b7a9741252407b9024

  • SSDEEP

    768:zQ8YAMFQ9bZ5Vyhg257h2R3Fs2d8AVTDxssBi97+NvQ10ap04UX+tUP/1H5P:zHMFw5VQg257h2R3Fs2dLpvi9CdQ10Qk

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2