Extracted

• • Target

    46de9cbb4262359716d46e98a8d76ecf0e9a60638ef0f3aab3c2c5b698aecfe2

  • Size

    112KB

  • MD5

    355c20aaee661f2be3cd2dc35dfc0c5f

  • SHA1

    9b4a3232c90866ce74b9a975a9893a00acbfc4d2

  • SHA256

    46de9cbb4262359716d46e98a8d76ecf0e9a60638ef0f3aab3c2c5b698aecfe2

  • SHA512

    83d765bbd9063b6adf60de66f3521efed51e1a2b717813c83a9af14e13f98cdcd6417110cedb13b6acf330c6b9b7a1ac98fa2975eafae11fe66b7b4f0594b99d

  • SSDEEP

    3072:YSwx+4cmdjJpRSwsR2IVKT1Fhr1RhAo+ie0TZ:YhQ40YC0bhr1R6xie8Z

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2