Extracted

• • Target

    76ccb84f37c49ea2083b3c5ad8cd9dc61100c62e6e5a4f1d275bad7ab85c8532

  • Size

    88KB

  • MD5

    a7b9944cfe78345f119de84227c9e104

  • SHA1

    a3a33adcfab310a66399112faf5200af7e01b930

  • SHA256

    76ccb84f37c49ea2083b3c5ad8cd9dc61100c62e6e5a4f1d275bad7ab85c8532

  • SHA512

    fae3d6110a212792bc3623296b469f5115ef4d6458ae74cc15f1f1d09665acc006d232f2aa1b9f47f9d3461981bdf9c37505e8345891bf38ebb2255e2c7bec1e

  • SSDEEP

    1536:zsEgdXyMMbpfScZefwFL8QOVXtE1ukVd71rFZO7+90vT:zsDdtMEcZVLi9EIIJ15ZO7Vr

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2