Extracted

• • Target

    d1c691f752ce0ce12401420946f395a042357b5d773885e0fb11d68073e78ab6

  • Size

    704KB

  • MD5

    55fcc2bcef0487460b4403c380a2ce48

  • SHA1

    edfd585e351184916255bcc77ae105e6c1b01fc2

  • SHA256

    d1c691f752ce0ce12401420946f395a042357b5d773885e0fb11d68073e78ab6

  • SHA512

    1e0b2e1c93b1340494756b99e0f83fd417644582e5fda39be46095cc04ea4b3c37686ec8c1abc1d4bedfe7d450456db7b1bac2281d9271e55547ed069d0460d5

  • SSDEEP

    12288:+jXVlZaph2kkkkK4kXkkkkkkkkl888888888888888888nusMH0QiRLsR4P377am:+hlZaph2kkkkK4kXkkkkkkkkhLX3a20i

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2