Extracted

• • Target

    ed915a63e39d232decd23dd74c4185f90e1d501335da7c9bed7450ed55df9371

  • Size

    92KB

  • MD5

    585ec993808f6f3b85f0d064883a7e82

  • SHA1

    67433c86c213477e7b57793e68d11945773246e6

  • SHA256

    ed915a63e39d232decd23dd74c4185f90e1d501335da7c9bed7450ed55df9371

  • SHA512

    855e3309ac4935800fd338ecd2737d29433246982f41ee99cc35bfef9dfef365eb00c6a319f4ec88d3f691ddc97d19bf5404f0bdab47d45c5936bcb6c16943f0

  • SSDEEP

    1536:nwDBy2dJzo2yJl8zhedIz3qo6+L7fN2dG+eo1xC0GZFXUmSC2e3le:nwcSz/yUIdIbqo6+L7l24ho1mtye3le

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2