Extracted

• • Target

    88f413a1e3bfae53cec9d86b5e7095ab56fe4aeb7f5f00f930158a17b3a39be4

  • Size

    90KB

  • MD5

    d0bf51597ccc2567bc6a8804293a345c

  • SHA1

    e5eb00a08c3cadb1fab7db6c761b6a33da2f302a

  • SHA256

    88f413a1e3bfae53cec9d86b5e7095ab56fe4aeb7f5f00f930158a17b3a39be4

  • SHA512

    a6c9fddb38f2b0fa0a987f57d6c3025fd8e1f99aeb8a928a8a74653751e6e27c2d9f68388d48538c84d6578f2947e0341e772d44616409c2f0d5f896db1dd384

  • SSDEEP

    1536:3JZHBo5LZTRQk2xcoR/hHI9yVnQQC4fl8k/7TZP:Z9BsLjZ5GhH83T498a7TZP

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2