Extracted

• • Target

    e82706209df1931d698cccaf5fbd3acca1c9ed37c388ca966059ba0fe2d46a0c

  • Size

    128KB

  • MD5

    f93b429284843147df4fe5fffda30bee

  • SHA1

    67d8114dc37477ba416cbc292182dae3d0789733

  • SHA256

    e82706209df1931d698cccaf5fbd3acca1c9ed37c388ca966059ba0fe2d46a0c

  • SHA512

    95f1a305234583fad57acf3fdb8156df306497b43716ac0a90a2f7e94af2a10738184f5016b314a6024c9ff1fefec0d8e63b3b56c27c88388650c721b84e71b8

  • SSDEEP

    1536:63rlHtqH6oCJiv5XDQjILQ9FKGXllUDtM60TD4ruhiZlrQIFiglF9xZ95Q:67PE6JK5X6KG7UDd0pCrQIFdFtLQ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2