Extracted

• • Target

    85054e97975a45b5737fcc9d5a2ac96a46e27e1704438c4468974068a7d61035

  • Size

    360KB

  • MD5

    c904e285f90cd4022f5dbc06570d8bd0

  • SHA1

    bc5b826922dd7cf0a358a3d5e1918ca778c52e40

  • SHA256

    85054e97975a45b5737fcc9d5a2ac96a46e27e1704438c4468974068a7d61035

  • SHA512

    aa2be1cca1eec9da59d13572d65ed712bbae07eb13447b3359c1634ac3c94f1876509897f00a4ac52c7e95fba2bd1a6d7ac3a722bcbaa367ccc87b90fa6b8b7a

  • SSDEEP

    6144:db6B34ic8CpX2/mnbzvdLaD6OkPgl6bmIjlQFxU:Z0IiTCpXImbzQD6OkPgl6bmIjKxU

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2