Extracted

• • Target

    4de9735d486e8f0fdf825a77dd965deaa4e20422267f47b720507c08582b6990

  • Size

    59KB

  • MD5

    4da2e2fba33535ecde52d3528b8b0a86

  • SHA1

    40c61419f3837a23af514db0fb2aa5a5e3be2880

  • SHA256

    4de9735d486e8f0fdf825a77dd965deaa4e20422267f47b720507c08582b6990

  • SHA512

    6818ccaca92d6ceff2d5d645ba6bba950a39926160b209563bdb176e476fe3c5cf1136985229f3e71c977863406e6e9dec4118a27db950d614f98c9a0efed20f

  • SSDEEP

    768:n+eJ0LvJpNCZLoYgLsAc4LSh4V+4PBRMAsbPiylohUcjZ/1H5i5nf1fZMEBFELv8:yJrYlAbns+y6fsNCyVso

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2