Extracted

• • Target

    9d5867209c90470a3070da31b80035c08a16348e26eeafbda1cdb817b8c66c6b

  • Size

    64KB

  • MD5

    f209435799c16bcbe33c2a9ae1b9490c

  • SHA1

    32469921a1cc01833e1ce90ab973278071932eac

  • SHA256

    9d5867209c90470a3070da31b80035c08a16348e26eeafbda1cdb817b8c66c6b

  • SHA512

    1a4add53d445bb10dbd935062b0357af398509a2b553e569b471eeb7e16a3bb08fa3c1866bb8da846efa5c1503d3a25f229ef282549607614603dde9ed16e51d

  • SSDEEP

    1536:QX0oFqYwMDG/y668/hcsY0lZ3S33YYY64EUXruCHcpzt/Idn:Qpje/yB2rYgy7pFwn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2