Extracted

• • Target

    478b07a91ca363b1b9f71bba8b3f256ccdfe4a804d193e9a981cec135ed1e105

  • Size

    64KB

  • MD5

    a6f99f4a54740a802772c3015fa67358

  • SHA1

    9b7e134e1e11a89c127b9f8e7aa60590e5949828

  • SHA256

    478b07a91ca363b1b9f71bba8b3f256ccdfe4a804d193e9a981cec135ed1e105

  • SHA512

    3b93b426c316d5394badbe2f4a00c5da6b52db7d93fbb72fcd7e405609b041c13e02568cd7ebe15f69ace26d2c5fbb317f5404f2e42dcf39a05852120f16af8c

  • SSDEEP

    768:XoWm6WBT8kxG+IKjBzg/OUAQVs3hX/1H5Ky06XJ1IwEGp9ThfzyYsH3:Xlmph8kg+IKjBzkVs3hpLdXUwXfzw3

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2