Extracted

• • Target

    4fa7f02a8c19d5302a5ffc84ffab3dba636e79a89dce4971f9312049622f86bf

  • Size

    89KB

  • MD5

    f522306c68fe94efaded4ef2d43489e9

  • SHA1

    373cad0ba560439fe9bc478786c6be0b57e69c3c

  • SHA256

    4fa7f02a8c19d5302a5ffc84ffab3dba636e79a89dce4971f9312049622f86bf

  • SHA512

    906f45af3d8cfc527a5fc2de09f448c82753da7c81e29fd92bc6d3c87f16d63cbdaf2c5afc4a8cd31ec6e29dc8e80e7e57c2d518973a169255cf76c02eee9293

  • SSDEEP

    1536:xOzqM5AsgAR5IoaKCv03s+KL8j1WEKYnpQEcclExkg8Fk:xQJgAjW6jcclakgwk

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2