Extracted

• • Target

    b9802ddf31b531f86b4687834a7ef3cdd9d754242d60cb68c82c9ad9832ef3eb

  • Size

    237KB

  • MD5

    b077f9baa0d5e3b20b611ee6d7486c2d

  • SHA1

    e317a475a26c5044b4574260de516d865eac7899

  • SHA256

    b9802ddf31b531f86b4687834a7ef3cdd9d754242d60cb68c82c9ad9832ef3eb

  • SHA512

    7a7eceea2756d6a2e09159d86d994883168c4dbd12e5dd66139e28042f285288c1d1bdd0be3d7b1359e296b3dbeef76e431baa5b152ac54dd7d78f3cc3030240

  • SSDEEP

    3072:b8CMuwOYQ22vIRAUbj8Nq75Sq4iqnAUUjE02ZoL9snKKq:Q8QRXj8U5ihYjEToZY8

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2