Extracted

• • Target

    28942b0465a74b9787b02a46a9ae8563e89b2d3fdfe5b43f43a4551fc5c2f262.exe

  • Size

    76KB

  • MD5

    207dd7ffba65db7a0af7ee9fdd971316

  • SHA1

    16e212f591dcce83482ed17aa72409c2f6286121

  • SHA256

    28942b0465a74b9787b02a46a9ae8563e89b2d3fdfe5b43f43a4551fc5c2f262

  • SHA512

    3a2c0032a3e2c77f92d954838deccaf0209a2c51e5ecc63e074d4f561b1fe5819b739d947ab2199e5c193e9ab1e0dc1a1a37a0d1443d76eeefe8548e904f4ee6

  • SSDEEP

    1536:UDZtrg94WdEsw4SvYTjQzllUllllllllllllllHllllllljlllllvE/7BVcB:UDZ2ffovbllUllllllllllllllHllllT

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2