Extracted

• • Target

    8225798d0af23a846398774c683abbf7d0ab96803355bb27b2a4797a9e27f8fd

  • Size

    1000KB

  • MD5

    d4f9f7074e0f0cb9fbb8d1cf2a10b01f

  • SHA1

    d1fe6c2ccc0c52665e6bf560ec07881b31973302

  • SHA256

    8225798d0af23a846398774c683abbf7d0ab96803355bb27b2a4797a9e27f8fd

  • SHA512

    7a0c01f37daa7928c4c536d819ee5a68b8b99f39f0d519a7b89d9a8aa250dc68d88c9b492cbcd3a16b8fc238ca4fa5578ac366bfa9dd6d611774c13c31db396e

  • SSDEEP

    12288:i9piSTtHBFLPj3TmLnWrOxNuxC97hFq9o7:i7JtHBFLPj368MoC9Dq9o7

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2