Extracted

• • Target

    408bd66b79458acedb3458df4bc953f3913aa3d30841c26c8860b350e741e6b4

  • Size

    128KB

  • MD5

    a607b818f0eee5c855aaf9b7a621a925

  • SHA1

    07438f9df2f86fe9be8484413de228de5aa87f5c

  • SHA256

    408bd66b79458acedb3458df4bc953f3913aa3d30841c26c8860b350e741e6b4

  • SHA512

    443012bdd5c56407456d211b62ad3a11b89528b1d86606661e4eaeb6c27c46379fbd92a17b54107d3503dead5d04c969b836d1d801a7234067d6973abe1a0f0a

  • SSDEEP

    3072:DU7gcMBJ/4AIMQoQpQoQoQTQTQTQH9aIp2PKG7UDd0pCrQIFdFtLQ:w7pMn/LIMQoQpQoQoQTQTQTQElyG7UxK

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2