Extracted

• • Target

    d61d9358c311970e3229b9668bf18f7fb07701ff4cc8522d7856e3e5e7341475

  • Size

    112KB

  • MD5

    fb22bc11813db981f2ff96c652d3292e

  • SHA1

    474e71fa7e01fea1fd79993cb993463b09466890

  • SHA256

    d61d9358c311970e3229b9668bf18f7fb07701ff4cc8522d7856e3e5e7341475

  • SHA512

    249e9b0a57e296ec91fd1ec2c24f3cebe50a0f2cd8fa37da2d5c88e44e3377958d5a82f42edf9e2cabbbad11fd044ca642b1fc4a665c37f525301586dd53a120

  • SSDEEP

    1536:BkCB9kd8AjA2M3SDcGWjIHcCZc5mz8+QquozVV4FikRynlypv8LIuCseNIQ:BFBj8xtDcGWucwNAIzVCF+lc802eSQ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2