Extracted

• • Target

    209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69

  • Size

    448KB

  • MD5

    a2f013ddcd10765120b069b9ed3f8c4e

  • SHA1

    2900113a787e6accf2c3131bfa3af9f4080dd718

  • SHA256

    209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69

  • SHA512

    b93a4f5bb7eff6b792fc5273ff7d9af819b5bc961fa2f2010550f2ad5a22014729b3de711a69174ce0f9518c353d12e56b599d7b7229e7f0ba9cda854e1431d1

  • SSDEEP

    6144:Z3o+Rzto18SeNpgdyuH1lZfRo0V8JcgE+ezpg1xrloH:Z3n5s87g7/VycgE81li

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2