Extracted

• • Target

    922373e492aed00b7cb42ce4c44372c54700438de90012d1933621a974ecb0bd

  • Size

    67KB

  • MD5

    0e95c4bcaadf05b8d77650b6a456a2a4

  • SHA1

    4f205d43325ecd6cf7f0cbf780317381527b60b0

  • SHA256

    922373e492aed00b7cb42ce4c44372c54700438de90012d1933621a974ecb0bd

  • SHA512

    1a537bc271145b64bc61a62ec4f1c9ff3b1244046901e9ff3c349c0402cf45fdd3e60f0d4aec5d5a9a4efff02869de902589f3c43d8b4029dba3844d488d7d38

  • SSDEEP

    1536:+pPrS2ey/XkObcn8axoE13sJifTduD4oTxw:+pP1eCUIams3sJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2