Extracted

• • Target

    d22a990d8d585204d498252a85a92b7aad84416d9da796343a0d97eba70d92d3

  • Size

    64KB

  • MD5

    eae731ebb0a89ad29e55eaf1ffaab940

  • SHA1

    5c21e5b89980e0c7edd5267e1660c278e03e9815

  • SHA256

    d22a990d8d585204d498252a85a92b7aad84416d9da796343a0d97eba70d92d3

  • SHA512

    b700885f69a8c918462a68027f0550f7b9daacc2f2010f2cf7ba88ea9dcf0c7cc24ef67bbb1bf138fbeaef8becb5e5b78c637ba10fe168b7fcba3587d7c62690

  • SSDEEP

    1536:uJckHhMM8lkqnks7mxzELInxv8R54tUXruCHcpzt/Idn:k8Kqnksi5Ecnxv25ipFwn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2