Extracted

• • Target

    08f119a3f60e3dfb04bfc815c64400681ae4b847b654c0578f2466b5fec556f9

  • Size

    364KB

  • MD5

    d48492ea6d9e25ce57dd04a9b9dbce32

  • SHA1

    8de329cdd23aade7e3e3588a4a4ca14c511c4b77

  • SHA256

    08f119a3f60e3dfb04bfc815c64400681ae4b847b654c0578f2466b5fec556f9

  • SHA512

    f2970510c422539513a9895078936f50076e0977c5cfa683a44f8e3e7606d4057829d66bbec8464bbefb85a6cc9bd96d69bab082f84fd0d69d78c5db760c3da7

  • SSDEEP

    6144:C+QNxd3sFj5tT3sFrqu+2KSnbXwBsFj5tT3sF:bQNx1s15tLs93nbas15tLs

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2