Extracted

• • Target

    cfdfa76907adccdd8c4e65089b4a4381bf455b5ba66d9ac61a6ea3f7a6ef9650

  • Size

    67KB

  • MD5

    6d2df97e73c609918f5e9fe39dd54733

  • SHA1

    39cd38ac4e1cc884a17651d0c5e139174cd9f81b

  • SHA256

    cfdfa76907adccdd8c4e65089b4a4381bf455b5ba66d9ac61a6ea3f7a6ef9650

  • SHA512

    23a1b5f9b69857ec2f6e894ac75d19721124275aaa0c33c98b25398d369c6abd89130c7a2c80f99bbb329f61e871465b84123fa84e784695f60a21281f836f9c

  • SSDEEP

    1536:cvb9+6KffTSh/ggBrsK5TJusJifTduD4oTxw:cD9UjQ/Z/5UsJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2