Extracted

• • Target

    c2c3506eb8084716b65711625b45151dab72a669481002428fa8d2a2895a3caa

  • Size

    84KB

  • MD5

    b4ac2ab39edb608f7d0a82262830110b

  • SHA1

    6efb3f7af7f18bb730e0d9dfa001d4e1fc3bab83

  • SHA256

    c2c3506eb8084716b65711625b45151dab72a669481002428fa8d2a2895a3caa

  • SHA512

    aceca02e1aac059f12fa480f5006e5613701a8395616b522b1f548856148079d9f0cd09af6fd1adc5625f8b0682964bbb1bd5eef0f908e58613620b47d57364e

  • SSDEEP

    1536:TFm2K+sxcKvjhRBC+5+UgU8ANZLvfPDyH6n8dEelLYR7xeGSmUmmmmmmmmmmmmmd:TFmwQcKvj8Nw3PDyH6n8djlLYR7xr3

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2