Extracted

• • Target

    c94f6de0bb7d4edf0f8ebf653429b4f6e111b5c62dbb3b2ca93e4e8fc22923c3

  • Size

    69KB

  • MD5

    ba3a86ab5ef8b7d5cba178fbc3800465

  • SHA1

    349df7b82529a01a74efd91a0f5b0cd34f998aa9

  • SHA256

    c94f6de0bb7d4edf0f8ebf653429b4f6e111b5c62dbb3b2ca93e4e8fc22923c3

  • SHA512

    0ad88c9d41c8a7bc7f22af779f4b5b45f4c83d2c950ab10661ff3b41f6ed24190fe3a448b24f3b38f38ae98f58819286f67dd1e04bdbc2fbe7069b02eef0c555

  • SSDEEP

    1536:P3Ls1EuN7MsonNcKrp2W0K5Mue1kUa9mNein/GFZCeDAyY:PbTuOsonNFrp2W0KJ5UacNFn/GFZC1yY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2