Extracted

• • Target

    f31b506f82710773d9923613c1774786898729df186b39c88ed0a9e8825b4213

  • Size

    45KB

  • MD5

    804c8a2e772613477ddf2dafc354c213

  • SHA1

    0dce0ad38c8a64d252ddc9220390e774cc5d7fa1

  • SHA256

    f31b506f82710773d9923613c1774786898729df186b39c88ed0a9e8825b4213

  • SHA512

    022f42edbc4d47f0aca94382f8d3bee8f3fa360f5c2eb55c143fd89fc8057d814f02ed2e222d0ab9e828aa130d9cefd4d4d5a511e41af3d131fd89842db5990f

  • SSDEEP

    768:gIg4nz/9gfMk7sHAoWl9xpqGqYSk7ONqiwNB+wQ8w98jnH8vsfF9/1H5Xtj:u4nz/9Aog7qvYSqgl6F3dZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2