Extracted

• • Target

    621191b61c96cc92c05021f04b17adeb87948004aaf91fc68f170a94c55a2537

  • Size

    128KB

  • MD5

    d1d1687c957908423f39b6d6dbf72789

  • SHA1

    7dd61c6ffa06e8c197e5543ca0e048e2f2b715d4

  • SHA256

    621191b61c96cc92c05021f04b17adeb87948004aaf91fc68f170a94c55a2537

  • SHA512

    b1fda08ad0701f41aefb8160d968cf711cc8064413f6af82b546b7bf5629e1cf9cacac1f45570a66156a943e50a81450be8ae9c858ff551e3abdcd5ef57b4840

  • SSDEEP

    3072:mLhE4SMoPm9JNxQmZfm+kte+MZmYm+DqVSLC61t:n49wU/amZfm+kte+MZmYm+DaI

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Drops file in System32 directory

  behavioral1