Extracted

• • Target

    59d6decfdf7cd83c6b982d59fbacd3e5483d41e9a196ec41c165bb9ee9655353

  • Size

    69KB

  • MD5

    4839defa7c0fefe15e75213516647682

  • SHA1

    57b36a084915c1bf78a3c79f6f9b9793a9ab07f1

  • SHA256

    59d6decfdf7cd83c6b982d59fbacd3e5483d41e9a196ec41c165bb9ee9655353

  • SHA512

    d96ee14e41e8585c2c4fb2fb1e980b152ffac8c223b8a864f5893f0efebf870da1b6ffe35ad5c1b8790ebe497a888ba7332fdda731e14c42869530198e16c8cb

  • SSDEEP

    768:iBuSxaIV3y4bTP8wmYtihdp3XyKI/JBmZLWDNPq//1H5R+1pYmtxj0UDYFiqlk/p:iJxPbXilXy2ZqNPqopNein/GFZCeDAyY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2