Extracted

• • Target

    e46088f4e1574af88fae7e2d959bbeeb0bcd9f0b14a3700bafbb3bfeacab43b3

  • Size

    64KB

  • MD5

    12d0709835d52fa842413af2d024e57d

  • SHA1

    50244846f5a0d2c2a9c1c4ee5275760b99b58d52

  • SHA256

    e46088f4e1574af88fae7e2d959bbeeb0bcd9f0b14a3700bafbb3bfeacab43b3

  • SHA512

    bedb529b0d227cc979212c0b9073f3d44d136ffdc9627f7b8a9c9dbd8a540f2695a1669c5eb10af0450688889e907f244f3c028e13146ca79b36b380956922c0

  • SSDEEP

    1536:jO7Hhghp7rrNQCeBhX6hs8SFJ5Lfwg8mFXUwXfzwv:jOBghp/rNs96hs8SblIg8cPzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2