Extracted

• • Target

    91cef1fc89762a2c68fd4d0b588894db27c7ee6937b08cf69a2a7d744b6ea13d

  • Size

    128KB

  • MD5

    5a0541a28eb8df7bb90cd926cb933d86

  • SHA1

    8a5c2e742b8bdb7745d0cdb41dca48b0b57d4fc6

  • SHA256

    91cef1fc89762a2c68fd4d0b588894db27c7ee6937b08cf69a2a7d744b6ea13d

  • SHA512

    4676d806839a7dce88210865550b156d97478adfe066c2fdb333e4cc158aae07d2501accf2e705235bb9282a8b1fdec38baefba1e823522fe1ca4c000762fb85

  • SSDEEP

    3072:3dwPR7n6gkM/fES1dzsYu15wKQnabwf1nFzwSAJB8Q:iPRTk08Adzhurk31n6xJmQ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2