Extracted

• • Target

    419c066cf6a52c9b668efad332fd161669e386c0a8d955a832da44eb0b4c84eb

  • Size

    45KB

  • MD5

    fca73d133b2dc1a3d82939cc345f5bca

  • SHA1

    fa16e51e7a5697ae59c2ca76565f6f3444fead33

  • SHA256

    419c066cf6a52c9b668efad332fd161669e386c0a8d955a832da44eb0b4c84eb

  • SHA512

    8270074ad120917a7efc579590b9c4cbce66ba41f18396ea8553bb18c71324766f428e0a640119f3259744a9a25f1afbf39a32513fdd351665d889cfba919ff9

  • SSDEEP

    768:+W+brOEEPMPsc7VRwSEVSNFp3jkEHxPjof2IzcfFjEv++GWfX/1H5Z:+W+W1Mku/wp+Fp3j7x0vcdjEv+YxD

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2