Extracted

• • Target

    8be479518d5a7719ab10e3b7efd4b3e574a391eece2c613a8ee3a46b91290202

  • Size

    90KB

  • MD5

    4871dd4e9be515a2127e855f7104fe64

  • SHA1

    bbd694a8184e1b551185bf6b9ea1bb05e3edd4e6

  • SHA256

    8be479518d5a7719ab10e3b7efd4b3e574a391eece2c613a8ee3a46b91290202

  • SHA512

    cd20e021786529d4e5dd52b9e07437ae224adf61978a7264314552d3f3ea5bda0cc3a28e46e053c0a9d8a7993e79ab11d904bae362e7a2238e161b2930fd5eec

  • SSDEEP

    1536:8+Aw/IMYd542K253df9WXMWazprCkgt1v14I9yVnQQC4fl8k/7TZP/:ZAw/IMYd5xIFd483T498a7TZP/

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2