Extracted

• • Target

    028c5b5382d0a412aa4b7b68b7f9d51da4c6cff768aec72d6bbc349d5ce41adb

  • Size

    84KB

  • MD5

    fead3fd66462e4445b64002b822cfb1e

  • SHA1

    639f31bcfe6f40fd30ca640fc452409e649a1af7

  • SHA256

    028c5b5382d0a412aa4b7b68b7f9d51da4c6cff768aec72d6bbc349d5ce41adb

  • SHA512

    a502932f71e493063cac97689771379fb6b33f1de748f5e9f9c59aaa5ba6ddb1db370173906c7fff5e516331c90d47751a8e904bc395efc4d26d746820095ea8

  • SSDEEP

    1536:IZ7kses9H28xg+YZo7Tf1cc1XjgWbMDUguGinXSREXHfVPfMVwNKT1iqWUPGc4Tb:228xEZiTfxhbMFaCREXdXNKT1ntPG9pB

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2