Extracted

• • Target

    f430a8b1b01690483ec413a5a4007002ab383925f8e7696bc845696ba93d6aca

  • Size

    92KB

  • MD5

    8ff387623d83510ff46b7ca82f75e49c

  • SHA1

    5622c29ecd757e8f1d63a4e81d12145f67d6c28f

  • SHA256

    f430a8b1b01690483ec413a5a4007002ab383925f8e7696bc845696ba93d6aca

  • SHA512

    5726e42bff2601b7a0d296140542e7f22be82593bc5439d261b3a0e030fb36d4397332d98ea87f1ef14041bef5332188c9fb8809dbf10bfa9e40f27b8e6935e6

  • SSDEEP

    1536:lKjCP0c5DpRxVEKJWLe+99u2dG+eo1xC0GZFXUmSC2e3lq:wjCP0cJpRUKJWLe0u24ho1mtye3lq

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2