Extracted

• • Target

    26c61c7b80102f59bdffb2b9666979d6ccae706fefa9ed252d26699009d708a7

  • Size

    45KB

  • MD5

    50a64630337d01e89217c7f0baec3847

  • SHA1

    70810e5f5a8b1300abd1cbc01bd3576fb580513b

  • SHA256

    26c61c7b80102f59bdffb2b9666979d6ccae706fefa9ed252d26699009d708a7

  • SHA512

    a42d1d61bbd65d40e9ad230410c25aecf8e2f207fb90682fc564f046ddb1204cb73e9080eed7c1f5e6208a8f62b8be0fb4e5830d931279c08160d10717d5ea27

  • SSDEEP

    768:XPqeepg/X2bTiSaxPppQoPAHnJ6ym1kvBhSs/1H5:XCeep6mPatwuCc71kvCi

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2