Extracted

• • Target

    ce987e626ac26a80eaf0a94bf1e8c4151311017b552d972ddcef9a48094faa00

  • Size

    91KB

  • MD5

    b3543a72c6e8eae80188c742f8d08420

  • SHA1

    aec7d696394fe321e8c32478e665f99f36838c05

  • SHA256

    ce987e626ac26a80eaf0a94bf1e8c4151311017b552d972ddcef9a48094faa00

  • SHA512

    9b8d56ebfb72b71fa5ef671fc7288436e9d5844ea8e7999439efbb83d190e1fa692e393b9a2a5e338ac0f2d0aeecdb1c74e7b2aac92f08236d56c753ef4e568e

  • SSDEEP

    1536:K625omvpX5MXT4QsEcjriC3FSr7TiwkU6joqqIVLg+:KV5Kxs/nvFSr7TSUurU+

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2