Extracted

• • Target

    da9ddd5cceea557c98b10e97bcb96e72b9be262bd75f970291a9a6b4a7062949

  • Size

    121KB

  • MD5

    0befebe610d0bc69b161e663581dd5bf

  • SHA1

    0904dce4818972f0f6b5b3dd106ba1538c1a8e8b

  • SHA256

    da9ddd5cceea557c98b10e97bcb96e72b9be262bd75f970291a9a6b4a7062949

  • SHA512

    59014c053923e571ad49c32cc1d74ed06183a88955afc1530d3a2acbfcf54a65436760c239396f9c14de7d87d0b3fd11ab96d66181efa2baa04da2a8983910df

  • SSDEEP

    3072:pwfknHxgj9aH0ewPLK6EVzqLBzCwO7AJnD5tvv:OjxaH0ewm9zqUwOarvv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2