Extracted

• • Target

    4ad6fc6b4a4f7183395db2fef7fc85eee9a21e5077a323e4dde88d6cea477ba4

  • Size

    90KB

  • MD5

    fb479e1537b4d2895e71923529174bfb

  • SHA1

    f52ce03d933ccf6e9e2b1296d9bd0e5cd5f5046c

  • SHA256

    4ad6fc6b4a4f7183395db2fef7fc85eee9a21e5077a323e4dde88d6cea477ba4

  • SHA512

    e27603fb87989a8e4b3e1dd04f79db7d6c176c35f498e280fa5550ca6db4bbfc11b85217c0f0dcfdb14288ac191d85e8f8c2a8f4cb9a13ba222e8ceab786a0c1

  • SSDEEP

    1536:SEs3XgA++4nbKR5XtCejgxLSI9yVnQQC4fl8k/7TZP/:RugLlbYtCeyLS83T498a7TZP/

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2