Extracted

• • Target

    29c7a5e792165576da6bd417e4e59e10dbf8eae33f110986fc0a7de21e651790

  • Size

    42KB

  • MD5

    8ca6b6f180f5dfd1a5b3f9e5430db026

  • SHA1

    9a4d508efcf4d68d5985519899a45750f304ff1e

  • SHA256

    29c7a5e792165576da6bd417e4e59e10dbf8eae33f110986fc0a7de21e651790

  • SHA512

    9d0feb1c7b44bd8cf1125df81c1d3e086a2cfc225d0a5647d107bfa9a71e742d5a6add5117cce92f937c44d4c50969bff3728e7a81309ed846423ce1e53a1a2d

  • SSDEEP

    768:yYo0jt1H+Sco58vH3StFIbfK6EitN5w8WyvGsrMoF1bWOp706GhT/1H5K:00jt1e7o0Him2opwtsoS16hF

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2