Extracted

• • Target

    4d87cfe16eb1b8b224c7f4821a400bb7ab7ef920456a0105322dfe806cdbd4a9

  • Size

    344KB

  • MD5

    33daac3e2c5183e39460d5fd2482c6a2

  • SHA1

    8db66af9c7e4520a3dd5194755252ce91811d398

  • SHA256

    4d87cfe16eb1b8b224c7f4821a400bb7ab7ef920456a0105322dfe806cdbd4a9

  • SHA512

    37ed1638e3521665ee346e9372daef635af9b0baeb6b6e1b4080e1e6a8a80f5bc3c33eec180a135e4930f634aed31fbfd49e36ba241c150c9fc3d417809521ea

  • SSDEEP

    6144:tjXVl/+CpX2/mnbzvdLaD6OkPgl6bmIjlQFn:tjXVlWCpXImbzQD6OkPgl6bmIjKn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2