Extracted

• • Target

    be28057ccfc7ae2c8f3a99413de3cf35d97510d8a558a1ba2039aeea03691bf0

  • Size

    45KB

  • MD5

    d6a8fe515d938696d24e8994bfa63cd1

  • SHA1

    154a4765ee8a47baa13be67d0d3bab5ce3907e30

  • SHA256

    be28057ccfc7ae2c8f3a99413de3cf35d97510d8a558a1ba2039aeea03691bf0

  • SHA512

    be84151c9a77e61409412dbf25657bda13c572e1016c64699e65cf58a4fd38c07f2d16ca54b587671674480789c3485e005c1e4da9d114b446d28b0b3f01eae2

  • SSDEEP

    768:Z0ZCGNPoWWCXKvHFfj/0fXYI/741+HCij6pgcPCKKKKKKKKKKKKKKKKKKKKKKKKo:ZUCCAk6vHFfkXd741eBcPCKKKKKKKKKN

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2