Extracted

• • Target

    afdd673239aa1986858ac21ff21fec400208bc9583f9acccbeb45a90711bdcbb

  • Size

    45KB

  • MD5

    29e7a81aa1b574eda8d22990ffafece5

  • SHA1

    7ad923562c9b8ea1008b98fca843b330adbfe6fa

  • SHA256

    afdd673239aa1986858ac21ff21fec400208bc9583f9acccbeb45a90711bdcbb

  • SHA512

    5066b759979cc9213e187ebdada3cd7af2b91c1d141e29730c91404fa627dcef3e786350f7b4e81a4b8b9f4b9b1e072d540b8bf73ffae7adf975bd47198ecccc

  • SSDEEP

    768:YxE+NI3R0VJ04pqQIW+PSUHTbUvFMY0HE/Aw6CTJABd2a+imKW6eCGqZNh1wgOI/:YxlNI3CJ04pqQIWwnsNMY0rw6CTw2a+a

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2