Extracted

• • Target

    9f18e7da694fcce5afe6294bd2a785549b1ad2eb0111e5323cc0a7688eba1e6c

  • Size

    64KB

  • MD5

    81ea484e97acfb4e4acc2b2a707098ef

  • SHA1

    58d00a40fdd1c1ce5929e7a9578cec544204c5e9

  • SHA256

    9f18e7da694fcce5afe6294bd2a785549b1ad2eb0111e5323cc0a7688eba1e6c

  • SHA512

    c8c3d685fd105dcad15f543eedcd3bb88cda9185c2c6ba8510ee49f005805aa55bf0551fcd9c2085029cb644b0f4bafc9f1a72bbc1ad34bb02a54bbd5f42794f

  • SSDEEP

    1536:XIMo/9+tIFOxnEgwNikHx60H43UXruCHcpzt/Idl:4V+9Qg4HHopFwl

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2