Extracted

• • Target

    d57663f5d686bd8ec4aa7bfa89d631ecd04d13be29fe553bed3171cda64566dc

  • Size

    128KB

  • MD5

    b1f4a5862fc4ebe468c84447df2fb2d0

  • SHA1

    40722327c509b92f1a7645b66281ab91fe90db57

  • SHA256

    d57663f5d686bd8ec4aa7bfa89d631ecd04d13be29fe553bed3171cda64566dc

  • SHA512

    76942c47d05f972de3808245fed834bd94dda4296bcbe8dcc17eea05e7152c6037ffb68a50fefcf9955fdec9072e1a19ebbd53f01d70c46f6cf36a3569210678

  • SSDEEP

    3072:SqaFhecYrqKzgUXQXUKG7UDd0pCrQIFdFtLQ:daFhe3q/UXMxG7Ux0ocIPF9Q

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2