Extracted

• • Target

    4c3f28cd8b9c3d71a6ab36bd5150d331af4171ebf39916563cc95444c4093431

  • Size

    42KB

  • MD5

    7d9561fcdb30454e64b91c0b1a5f2f31

  • SHA1

    81c20434cf3a028ee898763c9441dbc4a5bc85b1

  • SHA256

    4c3f28cd8b9c3d71a6ab36bd5150d331af4171ebf39916563cc95444c4093431

  • SHA512

    510015efb4f23d86fb14836a2fb143d38aeeb3d1d5b3447d95f3f9897957c1521578970c4fc4f68c7708da1f1496f5ca1cf35000ba4f7f6089488a75b029030a

  • SSDEEP

    768:bll2gShh4HGsAEw1YnHHIFckDDM1F/aEkMdOmYeAh0cU/1H5oa:xl2fhh4u9YnHHSNnkNl/V

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2