Extracted

• • Target

    0c56b73d94e14593e0babceebe5503e770d6b28919fb28fb621ac3b864eaef50

  • Size

    64KB

  • MD5

    36932ff9062f82fa60b2c6b6f363a804

  • SHA1

    97ea9cd978a248a0d57b47794573acbd7b19f56e

  • SHA256

    0c56b73d94e14593e0babceebe5503e770d6b28919fb28fb621ac3b864eaef50

  • SHA512

    d9a55ebb038c139851087ecc5d9ee0d77194fbd39ac1a60c1298c7df97de77cfca2b5dd1fa70093c5812a2c05d44f944f402988da86871e7bbad939903f30c9b

  • SSDEEP

    768:Ut9uwxCfXtJPKD2p73aFMZIaOOOolFja/1H5JfICyxlLBsLnw0ZFdGUYyykfWvoy:URCfYMZ9llgmlLBsLnVLdGUHyNwy

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2