Extracted

• • Target

    3fec6e27522619a96fd851fb9d2c304c430505e38a3510206742e77644987ff6

  • Size

    85KB

  • MD5

    fd805465f9209402c3c74b057c9cf9bb

  • SHA1

    efad3833101cf6e5502d31f007c5b19b56b33db4

  • SHA256

    3fec6e27522619a96fd851fb9d2c304c430505e38a3510206742e77644987ff6

  • SHA512

    ed31bfefcd2246a3fb503644687d3bd3608d52cfb136e72c77b01ba4dbf8656a07e446fca53696f7204164e1c971569e79fa75ce375a2ff8724b3fff3ab2444b

  • SSDEEP

    1536:19/Z3NdFwyI3IS124x5lO7uXcNvvm5yw/Lb0OUrrQ35wNBB:19/1A3D24U7usluTXp6B

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2