Extracted

• • Target

    31628bfce1142a4362fac20e8f695b2352ab3bacf4a61e73e850adc6d9d1bea5

  • Size

    69KB

  • MD5

    adee04a9fd64391a73046d6f3f6b2df8

  • SHA1

    07f6a78b0e6d0796a13cfb9ca2259b6a644a0f29

  • SHA256

    31628bfce1142a4362fac20e8f695b2352ab3bacf4a61e73e850adc6d9d1bea5

  • SHA512

    0f283d673540f453f64690b0848004027f6e47dc6a9e11a11f3b6bf80b64b5babb9c5bc9adcf52e7bddc98e5c693f58c422642ba9c11b63a8679c57169f69f20

  • SSDEEP

    1536:OLxZ1WiLsbz1j+c3B02Nein/GFZCeDAyY:OLxZNs3YKe2NFn/GFZC1yY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2