Extracted

• • Target

    2c92382de1d55481ef5433d87b0ff3eee0ddd68d97b3e742841c80b2259f05a9

  • Size

    96KB

  • MD5

    7c4ecc06eed831d7db77b1f841fdd36a

  • SHA1

    cfd9a0d22f8c1f7bae1032b7a8bbe67fd717b508

  • SHA256

    2c92382de1d55481ef5433d87b0ff3eee0ddd68d97b3e742841c80b2259f05a9

  • SHA512

    3daabd48e950d9d6b2750cadc442ab07b2f6657e6bb8014c6d1d7d511b931e978689194e9b071f6e2a0d9eb139853871de4d0a386550d9d03f5f223599476ca3

  • SSDEEP

    1536:Ab9UAjsNjoygnjB5CMMSIW1rpJ7zq6t3H7fK3uH/BOmjCMy0QiLiizHNQNdq:AVsOVjuRmrpJ7zq6tmuH5OmjCMyELiAd

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2