Extracted

• • Target

    627eca290a3169cfa8ec352db0d4bdc346b5e37257affe202269c7831e159005

  • Size

    64KB

  • MD5

    a1d6f8efae4478eaed0839ed7da75662

  • SHA1

    54a445293b5d8422cf086516d33a3e5467cfe3a3

  • SHA256

    627eca290a3169cfa8ec352db0d4bdc346b5e37257affe202269c7831e159005

  • SHA512

    2f84b57c87826f3a4b40b4a4ca5a579d9eaedc6c223992ad627aadfe9db5fa6cb25d0dfedf67b22509a8a9c2573bf5cc116cc24f43982da23978f1c97dcd8259

  • SSDEEP

    1536:uHMFw5VQg257h2R3Fs2dLpvi9CdQ10Q04UX+Wht/XUwXfzw3:uqmh3pvi9CdQahdPzw3

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2