Extracted

• • Target

    702172e43fad561932af8ecd63f2cb12667a6648d552a16839b258d21d86da12

  • Size

    363KB

  • MD5

    47a4a3038f185ad2d43da8173907603d

  • SHA1

    20faeabd57e113e50fb9b7e2a00505abec697d2b

  • SHA256

    702172e43fad561932af8ecd63f2cb12667a6648d552a16839b258d21d86da12

  • SHA512

    ee2ca37308b213cf7507c29f35b6ef52e1b7840b908a8e3acd7fbfb2417a5dc10bb6f8edd0069cdb2634eb980c5eca8b3913d5319a5dc1c282a8406f43cec710

  • SSDEEP

    6144:33W9aNIVU5tTbVXksax8n5tTDUZNSN58VU5tT:33W9amG5tP6sus5t6NSN6G5t

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2