Extracted

• • Target

    25126265981d6528f032830d7f2ba2b3bdd1dc7d306b85b4436e2c794ab750e6

  • Size

    45KB

  • MD5

    b66cb5966883a1087e94fdfa277b9fe7

  • SHA1

    12eea513b952f37a9a8947b29c473c20947381ae

  • SHA256

    25126265981d6528f032830d7f2ba2b3bdd1dc7d306b85b4436e2c794ab750e6

  • SHA512

    3a60acbf0126a590b28cc3d7832a25353ff4ce6d74129b1e4b48c642990e19e0a2cca37d3004e59bb2d41cbccccf1f3246a1c5bedb788775b5b9729511d41209

  • SSDEEP

    768:ffu4hhsSsgT3cHeCsjspL1NIFdbYq3TG7GGdRE4NacoaNF2/1H5y:fG4hh3sgYHnsjsp6eREncdNyA

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2