Extracted

• • Target

    31a2b551a7c376fc418c5aef9b44a5249605b948655f5ae84ed54fe229b015a7

  • Size

    64KB

  • MD5

    bd379919c0784ddb9982871c5c4de755

  • SHA1

    a448faf780215cb3a6957ecd29b47aa60c513486

  • SHA256

    31a2b551a7c376fc418c5aef9b44a5249605b948655f5ae84ed54fe229b015a7

  • SHA512

    e658e10d574f196244485339007ebfe9dcb5b371ad60c2984a9f2de44790d2298f8f071af05414a0c7cb8389ace8005eca03aba292f687e1d4060c3f0c047d51

  • SSDEEP

    1536:Nby+rqkFQccz7ubn0W74jSUXruCHcpzt/Idn:JyzkncPuAW7FpFwn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2