Extracted

• • Target

    4f0062961db0f58d5608c91f91f3e7c8929f137bcd1b941451d644828fb8f843

  • Size

    194KB

  • MD5

    c647eb4d638eaac1b4e0f1260b6fd1c2

  • SHA1

    7d10d9a767836b1b04f256a614f294bc64d0d9bb

  • SHA256

    4f0062961db0f58d5608c91f91f3e7c8929f137bcd1b941451d644828fb8f843

  • SHA512

    fc5a6047c703abe4e3f3e884cb19ee9906c35b676e3c5a695628806939e39be09389d7956fb305d08277c6427ccc0d9e003f1a107e102fb3d16c1249d53ae94d

  • SSDEEP

    1536:UGvoSIs+pD+phGQxZatMIM/5/KEatMIGuatMIc/zT4a5GV:n1wplQXmMIM/kEmMIGumMIc/1GV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2