Extracted

• • Target

    25cae8467cb3377885d7e41fbcec036546e52ca6097405e64d9ba0dad8096beb

  • Size

    77KB

  • MD5

    c0f59285e0e7a1e820e82f0963fdd9ec

  • SHA1

    d61f499398f2707ebd1e21e1ea8581afef0acef1

  • SHA256

    25cae8467cb3377885d7e41fbcec036546e52ca6097405e64d9ba0dad8096beb

  • SHA512

    68aa5d803911e42f0e7082890ef90533116f83b9ecffaa0debebfbb4046450ce246441fde06e0f83429a684adf4823da65dfcc816872b0d38fbab3183f031156

  • SSDEEP

    1536:fQVn/WywQv2jhd7S+Ovh2O617DWkZFfScD7SzCbHWrAWG:f8/JwQCM+OvAOuGkZFfFSebHWrHG

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2