Extracted

• • Target

    fdf1025251d76911876cadccb41a9f40406727cba56bf78285b0e4f5c0ce132d

  • Size

    97KB

  • MD5

    eee132af74a71d11428dd3c3728f474f

  • SHA1

    31fe366e4e5939cc83e6bc975b02c33125279451

  • SHA256

    fdf1025251d76911876cadccb41a9f40406727cba56bf78285b0e4f5c0ce132d

  • SHA512

    9e0f605d9c3ee8ad275d6456e0f0b6299c5e3d4cc41edcc2ca122e8f2d3a51b36b0671893356901175fed5e468766cc24f2e7fdd281ffdd70c3b63bc2188cacb

  • SSDEEP

    1536:AqrRX5Rp6GRRudPgntOlebtER5+XUwXfzwE57pvJXeYZc:PNXYfdPgtOIER5aPzwm7pJXeKc

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2