Extracted

• • Target

    43266312257ed4420a44b4752d0e7a3451fb5a66083bd6f51b6fdc71e9fb18d6

  • Size

    52KB

  • MD5

    db4df4b43a75a24d217f511947f6ae6d

  • SHA1

    cb1661a91a5521d876ed005859c9a548e26e6634

  • SHA256

    43266312257ed4420a44b4752d0e7a3451fb5a66083bd6f51b6fdc71e9fb18d6

  • SHA512

    2df2bf197b2b4277a830e1e8e6b343c1b661aa063ba5d91b2bd16617696fe0fe92b770c202492467136a3fb70b07f4c3fa35da14040f3e7b9fe4429d55d6e592

  • SSDEEP

    768:8HLXDyW9W3C0dAXZKtZxw69IuntpD2o+OT6z8lKYPF+P/1H5F/s+MABvKWe:Uq9CXXZKxw69IujKvJz8lKwFgDMAdKZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2