Extracted

• • Target

    d58f27588fab7924e7110e5fc662d243a6bdd426f1d7f2cbe79bc5ffed0ee765

  • Size

    108KB

  • MD5

    d7c1ad18428ffcf6f695efd8c1759f19

  • SHA1

    f682bed0c690fd40b52d8fd2bb38dfe46df49038

  • SHA256

    d58f27588fab7924e7110e5fc662d243a6bdd426f1d7f2cbe79bc5ffed0ee765

  • SHA512

    c67b7c22335b57f05c427d165bef307d016afaf9dbd3688a5a08a1db5dd3ec491d1ca59961517ba9e363e30877fd3c9fde29a763babde18546b4d566f7ef9153

  • SSDEEP

    1536:ji2LLCnAw1zEeGFAn1M/2MKkjDlHjTMwB+rjm8NiIqhn3HQ8BawTj2wQ3K:2vNIu19fkHlDPUjmOiBn3w8BdTj2h3K

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2