Extracted

• • Target

    0cdb6b9e446eadea32919eea7319baa2ab9bbb5e574d6c087302f9693058036c

  • Size

    64KB

  • MD5

    4154c3dfc7a288bf4b8e1bfc4ac71123

  • SHA1

    c5c46f11b6f49459b7421cbda618e2a72a805460

  • SHA256

    0cdb6b9e446eadea32919eea7319baa2ab9bbb5e574d6c087302f9693058036c

  • SHA512

    33600f0a3a8e42efc69ff419ad9bd5f56d82338b85a82a832d7e43f6d321f058bcd501c5847de823b8cc91a5c667bbdcaf59f0a2b0d1c0a0dbeb452b6410483b

  • SSDEEP

    768:0ysGtQ9d8XEDiRvAVBHAIlAWYsji86JZI/1H5EZk6XJ1IwEGp9ThfzyYsHP:0ysH+XoHAFWN6ZOOXUwXfzwP

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2