Extracted

• • Target

    ea57980c4f83c86e67990216ec214a28ed92496526197f77188901fb0e593d9f

  • Size

    69KB

  • MD5

    f08208772c681a333987889a7d8c9df7

  • SHA1

    d02e2f080b9a7fd5ecb3dc9c090233d1535afd9b

  • SHA256

    ea57980c4f83c86e67990216ec214a28ed92496526197f77188901fb0e593d9f

  • SHA512

    5792e3fb889fff441eae78f1637e5e9036a05c1f96ab146607402858ceedfbb7cfb6d3f8ab49300eb640f3bd20406663765543207aba5fffebd918f630b58155

  • SSDEEP

    768:N251V1a0PQFWkVNcrFB8phzBkyevyfuWffEBAgn9NIP/1H58VU9UiEb/KEiEixVR:s5hayJ88B7X7xMhbPgUN3QivEg

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2