Extracted

• • Target

    3dcccd35b0c3a42289ff8d61aee5ad0fcb9a971ede91a975a5f4f249a40d552d

  • Size

    128KB

  • MD5

    503826b3bbbad48c01660cf0edd93ab9

  • SHA1

    d52df71ebabbe1cc19c2b656196d880ec423e3c3

  • SHA256

    3dcccd35b0c3a42289ff8d61aee5ad0fcb9a971ede91a975a5f4f249a40d552d

  • SHA512

    d2ed1f2bd101d6dd987e520e7e430f509edcf78221956a81138ffd7d58261f2cb55ba3d5f74a504f74103c91c98a1d6b9a9a572c91253be60751eebc0e028ccf

  • SSDEEP

    3072:ouy6MK7yBGFGO0EdETNOKxTbwf1nFzwSAJB8e:of4yBG4ORdgg1n6xJme

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2