Extracted

• • Target

    cf77c413b4c39492b3e0f48903fa76fc335cd1a0567be18ca19c507d7386d9e4

  • Size

    45KB

  • MD5

    5cd5b58b64f9e7eee6eaf3e843c18d2b

  • SHA1

    957d217ec3c80b176e80d5187be2fa6c0c018940

  • SHA256

    cf77c413b4c39492b3e0f48903fa76fc335cd1a0567be18ca19c507d7386d9e4

  • SHA512

    ea0661d0545275f956d756b48b02d3e458725757c3243f6d649615f32618b15d61d79df2a80b77c7e0b12180de0bad814a851b5862ffd77c2b9184541367dbf9

  • SSDEEP

    768:6q5C5s+M5woZuwzxLO3Pc+cJJr/yD7Ivn/RiSu7ocvwOawny+S/1H5/R:6q5nbZp163Pc+MF02/ULh50xR

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2