Extracted

• • Target

    7e2c63eb44886bbf37a0a8c82ae9c60d4558b802b9b227a81644ec0f037cc29e

  • Size

    45KB

  • MD5

    572cf4ffcbead36486976d49cb106d67

  • SHA1

    df0c78e00e984fba421a5f15671a61e3f9ecc861

  • SHA256

    7e2c63eb44886bbf37a0a8c82ae9c60d4558b802b9b227a81644ec0f037cc29e

  • SHA512

    22712f588a0a56ea5dffa9ec06aaea9b5d848e942e971fe70b92f4dbb3d51230182ea98538fb190e527f8e36f12206f4378e1650825fa31fc9e29ec28c69a90a

  • SSDEEP

    768:W2aDrShECF5xctMFmeFinnognwHGmgEL0sS5ReN5QkQUylQLpJTJC+A/l4jqDuMv:W27F5xc+F+0LppU+At4jqDu0mg

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2