Extracted

• • Target

    473142173cecd2091bc71409a6581f08eb82d6acde75f19fd02f4fa602e12d33

  • Size

    67KB

  • MD5

    42f3b3205d5a6bc88f32a3c5f7ecf572

  • SHA1

    b02b5e9e392c377f16bdf324b99e350a6a8723dc

  • SHA256

    473142173cecd2091bc71409a6581f08eb82d6acde75f19fd02f4fa602e12d33

  • SHA512

    90833c35773fccdedf49a7ce524a2f68682350a30fb3fce3b309901e1e2a217e231c69f50e2cce595acb88b32d698b495c632eb724c9b2ebc97c9461d03b4011

  • SSDEEP

    1536:JlBxxfeeYziDLbuH+AmjyIslsJifTduD4oTxw:9Pe/cba+MlsJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2