Extracted

• • Target

    f68aa051ac8a013d51c06a51b4772ddadb9c4444737eebdc0e9062eaf237c6b0

  • Size

    285KB

  • MD5

    01d70969c3f6b9b884029799054b01a7

  • SHA1

    8f016c7b41dfeeeb9c303d43004792fcd2206624

  • SHA256

    f68aa051ac8a013d51c06a51b4772ddadb9c4444737eebdc0e9062eaf237c6b0

  • SHA512

    ef0dd6b3dabf944d41c54093a3420ef86c14c24132d7f3f61396039bab4c6f671ffbe0a11b49b46a21128ca11aa96da4bdb7a37c63abeeb09c7ed8e75c5b1731

  • SSDEEP

    3072:HeYw3NI4oPafw0ndedKVcbMloVRr3uMg0kAqSxYiJ2QM4GKcR:HeYwK4oDTdKQIoi7tW6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2