Extracted

• • Target

    e4ebc49e01676ea0322aadd6902573ce5c515e3ab203636129033dd0b82ff8dd

  • Size

    128KB

  • MD5

    52fba49539bc02bff8ec46ed45bc11cb

  • SHA1

    1872dd083f247d22d22ea8065521e56dee5cab8e

  • SHA256

    e4ebc49e01676ea0322aadd6902573ce5c515e3ab203636129033dd0b82ff8dd

  • SHA512

    c77b50917257a1e4a940f6fc6e8b3328fada28bc69eb6696b92fb59b8b248c8bb3138b5dc6da807c43d2368eba4a49b2a3d247157f184e83290fb8f551e17394

  • SSDEEP

    3072:3vMk/v9HbniYbfpEoWXcvKG7UDd0pCrQIFdFtLQ:3nvhLiZXcSG7Ux0ocIPF9Q

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2