Extracted

• • Target

    649a477353dda7453495cab4456eccd332978c8cc4af4f7208a116788751e8ee

  • Size

    409KB

  • MD5

    e62cc089db214cee9bedbd3bc0459f59

  • SHA1

    ff823e9612539736c2c1a50aef1831f32b58d8e8

  • SHA256

    649a477353dda7453495cab4456eccd332978c8cc4af4f7208a116788751e8ee

  • SHA512

    cf76e88d4aa38f15394bef70612f9ba3e038cd61f6d6594a32ed404b5bb3e264ad8369128e041d3bc3a6bf8cae0d6bf1a68333085e3584b6d4b9224a4e50a1a0

  • SSDEEP

    3072:Ts3zy3mbauy8/41QUUZm8/41QrAoUZ4pWLB51jozFWLBggS2LHqlhTZNAqWBWhjl:73CaEZgZ0Wd/OWdPS2LStOshOWdPS2Ln

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2