Extracted

• • Target

    f347cbf79fda3a0416bb23daa8c189029a59618f5378073761c9a281101d3d53

  • Size

    63KB

  • MD5

    7d64031e2341c2c5138bb9994d95fedb

  • SHA1

    ceb8b6b51423d14e06c557470f21b2c2f34d28b3

  • SHA256

    f347cbf79fda3a0416bb23daa8c189029a59618f5378073761c9a281101d3d53

  • SHA512

    c304d984c1c6ab9af9b60146d5611f3213275fb4521a5de0f99e59a717bec5c1e564a0d57c376d23c38950ea4fc98376336a122e4bd46eeedf1a5ad9f85bf565

  • SSDEEP

    1536:Ytkn7Xbb0ttBerBzP4HXTk+Vs+En9rjDHE:17v0teijkos+k9DHE

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2