Extracted

• • Target

    d9c9ccafc75e1d7f7ae7a20358465a2599ca2a84bfd81f162c37bf3f143d8a6a

  • Size

    55KB

  • MD5

    29e4791cff9767b9004730c9292cec1e

  • SHA1

    2c893170e0f8a158132cea9f2367f25d242cd0c1

  • SHA256

    d9c9ccafc75e1d7f7ae7a20358465a2599ca2a84bfd81f162c37bf3f143d8a6a

  • SHA512

    c56bdbbb3794bdab2f05ff6c517d703887e59017bccd5cacc62a70bd87ee8b8794e49673625fe4073ec48e8e2a2f58f743895b4870043d3c61fab37a75b542ec

  • SSDEEP

    1536:oODDm+BNXq7KzZlh7yrjTqqqqqqq1m8NSoNSd0A3shxD6q:oODDXfNlhfdNXNW0A8hhD

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2