Extracted

• • Target

    b528d32abd9127ba692e29d2614564ae7e40ff2e8ded3d0585f4d1a23dac20ea

  • Size

    64KB

  • MD5

    61e2001eb2dcce695657747ea0dc4247

  • SHA1

    12f7b7598955b70421c946c758441c0a2ab70d2a

  • SHA256

    b528d32abd9127ba692e29d2614564ae7e40ff2e8ded3d0585f4d1a23dac20ea

  • SHA512

    34f1bfcbfd89e864e93ea2c7684a04c0ce51aa2396034a9b92d56fa85d70cbf4a9e45f1bfd59a221f868d414c6ed5aca646b8b82f9a1661ef162e2bc242d826e

  • SSDEEP

    1536:p7oodFUU6CSPLOJELbMSrqLHiTuimdj2nLbwnYYYYYYYYYYYYYYAYYYYYYZjYYYY:PdvT0LbRnmdj2H8+z

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2