Extracted

• • Target

    b9a3a3c0bb9f9f3ba335cad6479cbe569e11df5cec4d125acefcb1a8b1572db3

  • Size

    45KB

  • MD5

    e49d83d8a5bc94674e2d8ed03848b6c8

  • SHA1

    2e47fcba9960a603624b14b90efea4518d7ac31a

  • SHA256

    b9a3a3c0bb9f9f3ba335cad6479cbe569e11df5cec4d125acefcb1a8b1572db3

  • SHA512

    857ea74ff5615b97cff8ab2b334e7772d486c0e4d9cc3c20c5a26948dde94e93580542b9f7d3669a4bf009da78fcb3c38793abeed14f06b0ea98bacd0db0959a

  • SSDEEP

    768:zY8dhocxWRP/d3BhCk8U4NEdGcoQzvvWcJJt2soMj9VZm/1H5K0:zY8d2cURP/dx8k8SgcoQrO+LjM00

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2