Extracted

• • Target

    f4aa717b264abd15ef06c7a450d246dce17e63b24d6bebbd764eb3fa6148991b

  • Size

    55KB

  • MD5

    deb98316d52ae060c6e2827de4b800dd

  • SHA1

    d800a6ccb0f2073ca02435d24fdb36f29c63b267

  • SHA256

    f4aa717b264abd15ef06c7a450d246dce17e63b24d6bebbd764eb3fa6148991b

  • SHA512

    6067f59ce3d6db1dea2d3f225c8e2fc9e338dd27ee4e55b52584608d9b384ca2b7641f640b1f30a2698a20e82a69f89282ed612d3f98b1e594bfb3a02b1991b1

  • SSDEEP

    1536:6Ss5ciyr2/v9skn/m+KNSoNSd0A3shxD6:6Soy6/v+kn+dNXNW0A8hh

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2