Extracted

• • Target

    161f77d80f9e20c1c5f190ee5cc9243d8bf17f512a9b28b177435a3d8e2f3b38

  • Size

    67KB

  • MD5

    7c446e5acc4830d42ea36198d99fa6b7

  • SHA1

    425b087790da78f08c38891fd33d40f103a03f68

  • SHA256

    161f77d80f9e20c1c5f190ee5cc9243d8bf17f512a9b28b177435a3d8e2f3b38

  • SHA512

    366ba5f44be526e49e2ad9b5ef8f33e260695e187f36adf7afff7cf1fc36f1f557af3a83738328425e38175be286c33a8615160ef4ddec5a1a6967fefef73d9f

  • SSDEEP

    1536:00jNmP4nQrNNNNNNNNNNNNNNMoRvBmadk9FsJifTduD4oTxwf:GP4nQ/tdkzsJibdMTxwf

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2