Extracted

• • Target

    1db657b5f3acb9bad54195786738a55ddaf39225c6e603c0d3b0612e3725bb32

  • Size

    55KB

  • MD5

    b17e381efd798359754f9f24ad8cc87a

  • SHA1

    b636d27753a917864eb40e5b4e740f3017cb8246

  • SHA256

    1db657b5f3acb9bad54195786738a55ddaf39225c6e603c0d3b0612e3725bb32

  • SHA512

    92a29bc2ab55018859e12f2a72306bfece82bc4f2afa5f756779b9501a809937f48895b1a5aa80f56447d907301c93102d11d5d4f1981f27d86662ef188ef25c

  • SSDEEP

    768:9JwVI7wQUIVWLeYAuvpruf72AJolkOZ6qK/1H5GNSoNSd0A3shxDfC+:SIrUIVB5uy72CjxYNSoNSd0A3shxD6+

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2