Extracted

• • Target

    7859712a3c06474c319bcfbc0cb5a74602642af9f2402813484bc680fecef58c

  • Size

    91KB

  • MD5

    4e87a6098f3ba13bcb147885fb5d6ec7

  • SHA1

    00fd1071998167b1e49ffb508cd54e416da9a9c5

  • SHA256

    7859712a3c06474c319bcfbc0cb5a74602642af9f2402813484bc680fecef58c

  • SHA512

    a3ae5e5ea0b3b5fbff3008adabc170973fbcbbff7834115fbcf50cc915c05e829f01ba0f2df18d3087f40ec48d2b3aefe1ea28627302b94e9b37a98c07823efb

  • SSDEEP

    1536:Sk1HnGGs2mBxS/vbGUZWTsg0HlbqzNkllLBsLnVLdGUHyNwtN4/nLLVaBlEaaaa+:SktGGQTL0HlOellLBsLnVUUHyNwtN4/G

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2