Extracted

• • Target

    8ac5826586bb3128142575eab1a154ddab7414257d0fe052ab3b2b5413f12a7b

  • Size

    67KB

  • MD5

    4b93a69b3e5f0562b0c3e0830a73e3ed

  • SHA1

    7fa1e1887407242e3f42293ec6a1dd9239e545f6

  • SHA256

    8ac5826586bb3128142575eab1a154ddab7414257d0fe052ab3b2b5413f12a7b

  • SHA512

    0614b6f3b51e815121d7bd8b085ad63127bd432c492837ba3ffce3da5f4826faac429960d641be079abd211f1c118397cf94ee562f5bd4036b9cbf443f47a100

  • SSDEEP

    1536:W4eRm8nooRcODjF5gAL/uklwsJifTduD4oTxw:WDRmx3OPPga/5lwsJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2