Extracted

• • Target

    bdbe581dc51e9f929f93c40bb203c1e2905ed3d63f9d9747e9a3e42939818e61

  • Size

    182KB

  • MD5

    96c4fdcd019bed4667beba659e0dc7f1

  • SHA1

    c1157bbcca293092e317ce5c679b3e97e65b364e

  • SHA256

    bdbe581dc51e9f929f93c40bb203c1e2905ed3d63f9d9747e9a3e42939818e61

  • SHA512

    27d8fe47e835a9b2c63e5d2075bdc463899167067567758280fc77c04ecb6990809d261cc2a02588e0fd14055c3a51556e7abae0bca6d60dae4ae7815b79324e

  • SSDEEP

    3072:Quv3bSZwP3hJuaQxkhFR2lLBsLnVUUHyNwtN4/nEBlMdQ94V5AlL/x5RlUlLBsLz:FSqPLakhFRnUUHyN4lMdQ94vAlL/x3lH

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2