Extracted

• • Target

    163aaa94372a45e3d2c890f97a888f5815ab01563721fc26e675ab45a1910322

  • Size

    264KB

  • MD5

    c4a88550d0121ff1926ce79636833895

  • SHA1

    78148c94a85d3750e0e7f7f58c3aa668e09c1781

  • SHA256

    163aaa94372a45e3d2c890f97a888f5815ab01563721fc26e675ab45a1910322

  • SHA512

    6720fe2a31bc5e239b7446390c7a12d6003fe58ff42c813ddc881fc879fdc018bd5505fb73c5ba5c025f6e10b657525dd7acea54b61a501df2263707563dd0c7

  • SSDEEP

    3072:s23tsU8Mr24ho1mtye3lFDrFDHZtO8jJkiUi8ChpBhx5Zd424ho1mtye3lFDrFDs:AQgsFj5tPNki9HZd1sFj5tw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2