Extracted

• • Target

    b433fd121994a990534661333eb5495c82ecbf3b3f6c98cde0229b2618233eb4

  • Size

    55KB

  • MD5

    5273fc6cb4cefe89d08a514e72582740

  • SHA1

    9a3f010720ccab1ce1e0a6bc80d086c01ea62d25

  • SHA256

    b433fd121994a990534661333eb5495c82ecbf3b3f6c98cde0229b2618233eb4

  • SHA512

    e86e635da5c61bd0c543b55080586e6bb41dfd92d92f86667ea0ffa152a5473a8cf363592c85cc85eec143898ccb88831cb0bedd4f064dec5e3d44191984ba3d

  • SSDEEP

    1536:VFUz4Jq0ruBLxBHqepN8KjNSoNSd0A3shxD6:wz4J9uNKCnjNXNW0A8hh

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2