Extracted

• • Target

    095c81728f05b941c8ff0d435c3c76991ecd9be2722a23016df0c377d9551904

  • Size

    96KB

  • MD5

    961a6acbbd6cc5b4157bdfa2a63c56e3

  • SHA1

    9dc632ff74bad0a702ac2ececb1a0a0f2d55b4b4

  • SHA256

    095c81728f05b941c8ff0d435c3c76991ecd9be2722a23016df0c377d9551904

  • SHA512

    6cf78dcda8568f20991f15e921c6b5d8aea01c702e4645277ba5a317617d9e5002f223bbdd3aa622f7a34501a56d1ac12f05cd1392319619fb2f14c7f52ab6a5

  • SSDEEP

    1536:leOpv5LV6nisuYwejikD0H7Yd91qq+luJfgR0IghrUQVoMdUT+irF:ljl5INwu0H7W1yg5w0Ighr1Rhk

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2