Extracted

• • Target

    29212313139760de5772f7067e1fcae2dc9bbb00ca4035ee972cd95cb4f54bec

  • Size

    481KB

  • MD5

    e96d30abe0beceec2681c834acf3389e

  • SHA1

    258c4f685b930a7fe623cd11bae5347982b3d8cf

  • SHA256

    29212313139760de5772f7067e1fcae2dc9bbb00ca4035ee972cd95cb4f54bec

  • SHA512

    a555b51e83b1c10f4a6b5e77ad47a5df7596aa5b541e4ba1d3cc82a386e0568d51a9d0410876e8711a64c4f59b59754d4cca323fca251c1af15e4e9e31c3ef4f

  • SSDEEP

    12288:c0Y2zHsoxdAMPGG7CGFB24lwR45FB24l4++dBQ:c0BPLPqW

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2