Extracted

• • Target

    ccbcf61b9455a21f31f965d6f3f51095c0bccc2b1fba6ef10dbcf5d4f77c107a

  • Size

    69KB

  • MD5

    de3053d50abd46b81b9fcb7fd86eb0db

  • SHA1

    393c932691672eb6f808b8f7ef23dbb185bd1d50

  • SHA256

    ccbcf61b9455a21f31f965d6f3f51095c0bccc2b1fba6ef10dbcf5d4f77c107a

  • SHA512

    ad781b0a7349400a83635ab0ef604bf451637e7860a300b10504cfb9c501945bf842a6d79af06765056125fd2bcd4d4272024b6afa44a3023f41080eb034b93b

  • SSDEEP

    1536:i/QQtOaa7v7wcX1iLimFMQ9qy9Nein/GFZCeDAyY:sQmOaa7v1WiFnoNFn/GFZC1yY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2