Extracted

• • Target

    af26a92633ac19edefe64f5736ee4f5831fba8d260b63898ffb0b90169472472

  • Size

    97KB

  • MD5

    ec059d1a701a42f2712df4a659870195

  • SHA1

    f55f7b1f4065d9890445f1666cc1cc488e9310c4

  • SHA256

    af26a92633ac19edefe64f5736ee4f5831fba8d260b63898ffb0b90169472472

  • SHA512

    71651b71508821304c62230d43b514f53b67b8a3e2a6ac8a0f142ae5c2aa497add82b6731cbcb6acb7634331a87d55bf3617c2d5517d154588c67953dcd5b83d

  • SSDEEP

    1536:sZ5brf3jKLotOSBPkkTbUqMLNSQApQoj76Wr3KoDd7vJXeYZ6:sfff3jKyOeTgHLNSxQojtr6oDdLJXeK6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2