Extracted

• • Target

    e0438c18b782dad2dc631dd87bcdc72ee8b881d3c27e3dfd2e13c3afade9b814

  • Size

    360KB

  • MD5

    b27d1cbb6f9c707ce7628b431b083400

  • SHA1

    57a43332b05a4d2c10192daf8792b0bf2b24262b

  • SHA256

    e0438c18b782dad2dc631dd87bcdc72ee8b881d3c27e3dfd2e13c3afade9b814

  • SHA512

    9fcbbfd623dedcfbf95b77bcc055533863351a23489a93d3efcfc0ddcaead2e3119ad83575a2c440a8d8f03ad92c22e7ce184391e5d2bcc0473353087f292bf7

  • SSDEEP

    6144:ZddusUCpX2/mnbzvdLaD6OkPgl6bmIjlQFxU:ZddunCpXImbzQD6OkPgl6bmIjKxU

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2