Extracted

• • Target

    63a94212d81e23583282c833534e9699d32bcd22fba6eae7da122b7be44a5cac

  • Size

    47KB

  • MD5

    f065053e75f02798ba962c1102dd72a6

  • SHA1

    1ac85a6348ca2a51711e153bae0bad5e467d2dfb

  • SHA256

    63a94212d81e23583282c833534e9699d32bcd22fba6eae7da122b7be44a5cac

  • SHA512

    c723c52728f939363bef0b05536e624f65d14ea33544d58a125ae58bec94319d16a364bf167d5c61f0981065cacdeffc63d75ede13341772bf90a3c405aa7168

  • SSDEEP

    768:/DKpg8mRu7pPkPBUY2FfRmbrN/xjU5fpeYZHME9K2Q4D0pCYn57Vmvn/1H5kN0U:b6gzRu70UthQbh/UV/Q2Q4D0pRn57+5S

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2