Extracted

• • Target

    c3227c0bd8255a7863079047133dba76da4cd518a496a0f1e64f1257f5e4c487

  • Size

    96KB

  • MD5

    a502ec9335f38b5f97306bd9727bcd54

  • SHA1

    081ae352d7732398abc34efea3ae06743fd4d1de

  • SHA256

    c3227c0bd8255a7863079047133dba76da4cd518a496a0f1e64f1257f5e4c487

  • SHA512

    f34eb2e0ac089f0535f9d343ff599a840f2ee28c5f096d55a4133ac8dd850a1cf5aecc3ba38b3615942f13930c0f725e6c29104283744a5c933ee34b3ad78d21

  • SSDEEP

    3072:BhAOnLR9ilBjHVvfCk9qk9460jd69jc0v:c8RKBjHVvfCkX46ud6NV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2