Extracted

• • Target

    e8985fbf1a5d1239668e029a8f41c3208e28308e990c3e9e7b3a104f09449d79

  • Size

    64KB

  • MD5

    ed7950b1d8225b990506c2dfb148c38c

  • SHA1

    bf31d876a94b7182f342b822e24392a4fcd48170

  • SHA256

    e8985fbf1a5d1239668e029a8f41c3208e28308e990c3e9e7b3a104f09449d79

  • SHA512

    7c21ba5bb8bb7a36101924e82720daf06affe5735441c6b9aa44bd5a4d47d826e1a60b96c599972290520efc07e32a91199fd05672023a94a3be7e18ccc3cef1

  • SSDEEP

    1536:Hqxmaj2VIuF+tTvwfSlLBsLnVLdGUHyNwW:HMPjI+tEfSlLBsLnVUUHyNwW

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2