Extracted

• • Target

    5027a347ecbd8c27bab1752e4446cf5dca623183771b78ba8538a7ed39649f93

  • Size

    64KB

  • MD5

    55389859369170a1f808bfce120b0d8d

  • SHA1

    279151128a75e016a1b79d6a6f359cb9cf179260

  • SHA256

    5027a347ecbd8c27bab1752e4446cf5dca623183771b78ba8538a7ed39649f93

  • SHA512

    8cd78413841e0fd8dd7127e96158e7fa9301ea890cb86883b230280e9c9cd733a0dab2277ec894d5c15e4cfbfc027d9351b09346e08aae9497fe9cc12104f4a0

  • SSDEEP

    1536:T15AJar9ki4QtLVLbwnYYYYYYYYYYYYYYAYYYYYYZjYYYYYYx88N3r:Tr/h8+r

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2