Extracted

• • Target

    6c07549b4eaac48ab076a91f3c2b97a7fcff0a4ee72fb6cce2f28ec54c321256

  • Size

    67KB

  • MD5

    5260f822d28b9e973d59db7db8d90bd4

  • SHA1

    340bdfe90a86619e71f36a27e9a20921157761a9

  • SHA256

    6c07549b4eaac48ab076a91f3c2b97a7fcff0a4ee72fb6cce2f28ec54c321256

  • SHA512

    1f0e94a09a3076b6b4ec5b74ef592f4d0c3bf447e076b596891a29fade7854bbc94c13004c61e47edb89d3a58009ec366cd13952b46c042b40a4fa73142a107e

  • SSDEEP

    768:x/Mxi8056811R64LVf+Ih1Q1zX/1H5r/FEVErME/feYvn1q/D2ZuAx0GoEkE5Awp:x/4i80ZrLV/h1mdtFsJifTduD4oTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2