Extracted

• • Target

    b5ebea5987aaa70f059e975e167f6b49292cb72bf2ca5a31ededf1f3fb99711d

  • Size

    113KB

  • MD5

    ef0cd4cfe39cda098ef1f3a2d6e8583d

  • SHA1

    6998dc22cd7951033b6eb9338d9b86af03aa8448

  • SHA256

    b5ebea5987aaa70f059e975e167f6b49292cb72bf2ca5a31ededf1f3fb99711d

  • SHA512

    26835c26b66a190773a626d28d1aa610d641093e85a44a605d5d45cace11603e21f45a3217af8e0498f1206bd120bd8ce838da14698f2453dbd27606af958294

  • SSDEEP

    3072:Oi9ORjMYE+v1z+SuSIVOuGkZFfFSebHWrH8wTW0p:OmOdMrm+SuVk7otSeWrPB

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2