Extracted

• • Target

    f34d88de52b796d6d9f20dbd8f7f388fe21a3f6c34be1dca872312917e182ab9

  • Size

    361KB

  • MD5

    fc7cff1f31666b6aa9e8f0de2337c86c

  • SHA1

    efe4e4d78418337c299b2fd62d984a60c821ffea

  • SHA256

    f34d88de52b796d6d9f20dbd8f7f388fe21a3f6c34be1dca872312917e182ab9

  • SHA512

    f9a0805d7b321978e475c4ac3aabe2333a768d6af819eb225f5830d81dd2cdd09dbae0e850bd059d54a25d3285f831c9ea91b927d95700841538c7f900d36163

  • SSDEEP

    6144:IOVp7KcT/CpX2/mnbzvdLaD6OkPgl6bmIjlQFxU5:ITcDCpXImbzQD6OkPgl6bmIjKxU5

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2