Extracted

• • Target

    56be6aa883f1d242a9610a98717fc2bca5bbd238fd5184a9acf2487a782b839a

  • Size

    844KB

  • MD5

    b2227265601e058673f80e5c3c76282f

  • SHA1

    54bb5f361f5a907e92c99514e14490d4c9948f11

  • SHA256

    56be6aa883f1d242a9610a98717fc2bca5bbd238fd5184a9acf2487a782b839a

  • SHA512

    e960147835f5144deb2dad59521c7cf69da17c22ed693c64cca93b53ed79d7c87d43621fd5fac2e652fd426ec719a7d309de50ddb8940c1a8222a7a025c02e81

  • SSDEEP

    24576:oGnyH5W3TnbQihMpQnqrdX72LbY6x46uR/qYglMi:oGyH5W3TbQihw+cdX2x46uhqllMi

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2