Extracted

• • Target

    bb74782a4243f012600c832970c71baced5d4803e7cf719d9e1e341de2cfcfeb

  • Size

    194KB

  • MD5

    2d605a8fb44c1d13aa59dba2702a1cf8

  • SHA1

    7dfb0036921bb06e266e10f4a7b8bc5029b6d815

  • SHA256

    bb74782a4243f012600c832970c71baced5d4803e7cf719d9e1e341de2cfcfeb

  • SHA512

    d2741bd3709eebe185216267b6fea5298d38c32a6f1623c94045177aa30ca1c59d62a48c400b67849744be97b6fa124029dd65e478f1d7bd19da9a8f93ab7a7f

  • SSDEEP

    1536:KEsek9WVRAEkfFvAIli8ZatMIM/5/KEatMIGuatMIc/zT4a5GV:7w9WVSRFv5nmMIM/kEmMIGumMIc/1GV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2