Extracted

• • Target

    f58daf934e24c852593f1801cba960fc8a52cad9e40d3d059b100c8edb4b5728

  • Size

    64KB

  • MD5

    400d0739d158555649bc2092348fe65d

  • SHA1

    ff9bc46f53d0d26ec64fe5555dbcad992d95cbf4

  • SHA256

    f58daf934e24c852593f1801cba960fc8a52cad9e40d3d059b100c8edb4b5728

  • SHA512

    8b00c89f9e572368eee1ea1a49e0cb4cfd2a04c3cb75b003eea2a47388e7e2adbbdc74bd7b56dd2841017b9cee6c575edd696844c30662a8d3acfa8432dbd740

  • SSDEEP

    1536:MrCmR3jff5Go1kKaR7qLbwnYYYYYYYYYYYYYYAYYYYYYZjYYYYYYx88N3z:cCE3jfhGLKY7e8+z

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2