Extracted

• • Target

    1a58ab5e5735bacda8f9d215c373dc01de5295fd01b374a69782257809683f64

  • Size

    704KB

  • MD5

    d30efd33710a48ae36f3037e42ca4342

  • SHA1

    239ad4c83db7de3f4c82405f80ea19bb0fc81373

  • SHA256

    1a58ab5e5735bacda8f9d215c373dc01de5295fd01b374a69782257809683f64

  • SHA512

    4beb52e8757c945ea5eb4029e5af8b6fea11d20472401b34f7989a49492dea9aa2150788d014e03acb8c7ab1bc42f989a13ff8b8f6cababd648d9f58aeef477f

  • SSDEEP

    12288:baph2kkkkK4kXkkkkkkkkl888888888888888888nusMH0QiRLsR4P377a20R01X:baph2kkkkK4kXkkkkkkkkhLX3a20R0vh

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2