Extracted

• • Target

    2f9835f7bbe664814be42a2a302a708b31f3a0a8358af6bd1f728e155cb14f47

  • Size

    97KB

  • MD5

    8eb51f03d41e8a13b5cb7a61ed6951a5

  • SHA1

    32db3180cd7e5d406dd6af076d82c0f1b7dc6e42

  • SHA256

    2f9835f7bbe664814be42a2a302a708b31f3a0a8358af6bd1f728e155cb14f47

  • SHA512

    d8e02ab1c7f2993f1e22bf834fcd591c8c7e1993d5dd1c955b49fa2ff2d6095e310c3da5f49eac2a2ab631448cc65299b2b2bc2c4e49a7beb972e6dd1f8dae98

  • SSDEEP

    1536:SCRqe+7rejogodIY7NJT68zRzXUwXfzwE57pvJXeYZc:UreudIY7/T6IR3Pzwm7pJXeKc

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2