Extracted

• • Target

    3f687f842d8eb730e8fce25377710fabf690f824afd32d973b7bb135a506a34a

  • Size

    194KB

  • MD5

    ff17d535b1e5946c6fddde2bfd225c6c

  • SHA1

    d9f518957e609b233ee5e1b4b7f41d7f3d79171d

  • SHA256

    3f687f842d8eb730e8fce25377710fabf690f824afd32d973b7bb135a506a34a

  • SHA512

    d25bf5c8ba107122f737c0b84f60826e8a11cefdba7bcd96536822375e7f6e83bbee5bb590a4e125adae41b81c6c7e562efa03ce5822860c0cffb9825f700538

  • SSDEEP

    3072:LeAMUX9Yng/civ6s+mMIM/kEmMIGumMIc/1GV:yAMy7/vJ+5/pbuh/UV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2