Extracted

• • Target

    dac011b01f1412b3cdf9d41bf2fbc28c5690b49f835262fe29966aa603128030

  • Size

    97KB

  • MD5

    b3ff02277bd64289de6dbd271eb62ba0

  • SHA1

    e8a3a023196f4ac611acd8c275ec6e339b8ece7c

  • SHA256

    dac011b01f1412b3cdf9d41bf2fbc28c5690b49f835262fe29966aa603128030

  • SHA512

    e640e31ec4c2b0042fee601fddb3f5db7fb16819d65128c4e6cb9d97f5c6d374e2381d6c6001cd45d088bb5946ba7c1a7ae203dfc78589c821449e06df020b5a

  • SSDEEP

    1536:QkMtP/e5kPZWr65Xaof2RF2TViXUwXfzwE57pvJXeYZ6:I+K8r65P+ETVGPzwm7pJXeK6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2