Extracted

• • Target

    7937467e8283bb3ed7a7ca55bfa4d972a106a9498a4fff7afc7c82c094cd353c

  • Size

    96KB

  • MD5

    89ec17d3b89124e5458c5876fb1e7d4b

  • SHA1

    057d3e1b7ca42fbe421af338f25a79cad7935aec

  • SHA256

    7937467e8283bb3ed7a7ca55bfa4d972a106a9498a4fff7afc7c82c094cd353c

  • SHA512

    3a0535e42e55e0038cd394b145913dfdee72c8167378078e2a40641726b0836091745c3fb65aef95a98ee7a389321566fa2219099600bfde594b36812f01524c

  • SSDEEP

    1536:Goww4MxQUvvvmaiuO4JjgpubUNzVB29nuB+CugQRQ+KFR5R45WtqV9R2R462izMR:DZvhtrUNhI0Qe+SHrtG9MW3+3l29

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2