Extracted

• • Target

    d8d43a64aa4359b04c3491c56cf1778435f2f8910f91933bbec72576169749b0

  • Size

    89KB

  • MD5

    7d3dbcfeac3f039c8c5777ed4b3dfa3e

  • SHA1

    290ede1090bcac62270776a313eb3161d3f9399e

  • SHA256

    d8d43a64aa4359b04c3491c56cf1778435f2f8910f91933bbec72576169749b0

  • SHA512

    95cc7d169c286ae4743f97bb9434022ea696a0907e71f68d773c7337cd83dd4dcc33bc74e1619e77db1f057acfa05a6b640ce2193bd0b90dc381538cf5d11241

  • SSDEEP

    1536:+la/0PUM/DlaAVLlfuKI+msCjqy8VdRQOD68a+VMKKTRVGFtUhQfR1WRaROR8R:+eCPMUZf8XsGqygeHr4MKy3G7UEqMM6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2