Extracted

• • Target

    111a933edecc50bc4e052818086c64a0442e15ae35a5049947d761939dc771a7

  • Size

    69KB

  • MD5

    63db441712674df7459b5144df2cbac5

  • SHA1

    a07da10968d7bddcfd47823315e02b0c53e3f406

  • SHA256

    111a933edecc50bc4e052818086c64a0442e15ae35a5049947d761939dc771a7

  • SHA512

    46bea1410d21e122100b081aaaa205651f7d2bc38a939556cf23d0b1e1e089b2d22f296e76e3d364fbdcb175cb26908ae7988e4c432e9839eb27dcf03f09b6e3

  • SSDEEP

    1536:AyZclM55J8ufAO+a3VMauRYnnPgUN3QivEg:Fcm5n7RjVSRynPgU5QM

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2