Extracted

• • Target

    56ce69d83ee0fb302739f785c04050dbf9b14eaa941f3f7ec4be98bdf7d86a04

  • Size

    96KB

  • MD5

    b52d8b3e19c847205254e511b7f67acd

  • SHA1

    e34d6bd64181b015e34d7c9fb5e661a5aee969e5

  • SHA256

    56ce69d83ee0fb302739f785c04050dbf9b14eaa941f3f7ec4be98bdf7d86a04

  • SHA512

    a9ee60985afaa68674c25c54f16930f6086e0406dc08e0e47cde21f26414c4cd325fdc10324c1341ae810b640fc381c001305a83861835eb9b5e72b0b5d43bca

  • SSDEEP

    3072:24iqQrh5IoFpZS4kXScBQIXc8+x+K4d69jc0v:XiqyHlJmi/IXcLx+K4d6NV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2