Extracted

• • Target

    531d0d599c6d325e91028f9e74e8208b5016d961b6125ce7e47a9ff64f66fbef

  • Size

    276KB

  • MD5

    7f9d25bcb9b3004d8c8106f7c3f1ce92

  • SHA1

    b072647e19e17d727bbe7d644ea3dd7acacfacfc

  • SHA256

    531d0d599c6d325e91028f9e74e8208b5016d961b6125ce7e47a9ff64f66fbef

  • SHA512

    e9d65c73c0cec4144f2f82c4663d430cba401a3b3680d6a663aa82183642b453491b0c6713af6f25ac064f463690ea5466334974f4bbf218b2bedab0d778ffc6

  • SSDEEP

    6144:VNr6DklFdWZHEFJ7aWN1rtMsQBOSGaF+:nr6K2HEGWN1RMs1S7

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2