TrojanDownloader:Win32/Berbew!pz malicious file

The TrojanDownloader:Win32/Berbew!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What TrojanDownloader:Win32/Berbew!pz virus can do?

Creates an indicator observed in Territorial Disputes report SIG40
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine TrojanDownloader:Win32/Berbew!pz?


File Info:
name: 65FA8752D28A6E4FB607.mlw
path: /opt/CAPEv2/storage/binaries/3c2f4a765751769c7b8534fae8675222c5015a94ee29150631e909895b35cd38
crc32: FF41413F
md5: 65fa8752d28a6e4fb60717e533b6e0ad
sha1: 618f6ae6b709f53824eddccba827d884774accd1
sha256: 3c2f4a765751769c7b8534fae8675222c5015a94ee29150631e909895b35cd38
sha512: 087beb20c9692eb6de3efaddd607573ce2375ae228e4ebc2b44970567a7701548a748c2578a77d0a25904becaa3aa810c4d6fcaba5b5a3387c6883c10033d1ca
ssdeep: 768:rruPgULpUfqOdJ3PzhGYY60aI4hZ2eiRFya3LOlttGw5SLZ/1H5z5nf1fZMEBFEI:WoyiHT7hGYDeec3LOlbAfNCyVso
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10E435ACFA5871973C3433EBF3CBE05A6A2658BA117D6400D88E9823D150977D9EBE582
sha3_384: 338c404f577c7cbed9168dd0b9521b7322a9b8bb6e7e245cc52ddf5d313682ede9b2e88d815f466f13e839cfc2c3f1c2
ep_bytes: 90909090906067e80000000090909090
timestamp: 2023-07-29 18:29:59

Version Info:
0: [No Data]

TrojanDownloader:Win32/Berbew!pz also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	GenPack:Backdoor.Hangup.B
ClamAV	Win.Trojan.Crypted-31
FireEye	Generic.mg.65fa8752d28a6e4f
Skyhigh	BehavesLike.Win32.Generic.qh
McAfee	GenericRXVP-YB!65FA8752D28A
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005780dd1 )
K7GW	Trojan ( 005780dd1 )
Cybereason	malicious.6b709f
Baidu	Win32.Trojan-Spy.Quart.a
VirIT	Worm.Win32.Berbew.G
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Spy.Qukart
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Trojan-Spy.Win32.Qukart.af
BitDefender	GenPack:Backdoor.Hangup.B
NANO-Antivirus	Trojan.Win32.Qukart.kcwdef
Avast	Win32:TrojanX-gen [Trj]
TACHYON	Backdoor/W32.Padodor
Sophos	Mal/Padodor-A
F-Secure	Trojan.TR/Spy.Qukart.NB
DrWeb	BackDoor.HangUp.43832
Zillya	Trojan.QukartGen.Win32.2
TrendMicro	TROJ_GEN.R03BC0DB224
Trapmine	malicious.high.ml.score
Emsisoft	GenPack:Backdoor.Hangup.B (B)
Ikarus	Trojan.Crypt
GData	GenPack:Backdoor.Hangup.B
Jiangmin	TrojanSpy.Qukart.ahel
Google	Detected
Avira	TR/Spy.Qukart.NB
Antiy-AVL	Trojan[Proxy]/Win32.Qukart.gen
Kingsoft	malware.kb.a.1000
Arcabit	GenPack:Backdoor.Hangup.B
ZoneAlarm	Trojan-Spy.Win32.Qukart.af
Microsoft	TrojanDownloader:Win32/Berbew!pz
Varist	W32/Qukart.K.gen!Eldorado
AhnLab-V3	Win-Trojan/Berbew.51712
Acronis	suspicious
BitDefenderTheta	AI:Packer.6CDB3E0D1E
MAX	malware (ai score=88)
VBA32	BScope.Backdoor.Berbew
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	TROJ_GEN.R03BC0DB224
Rising	Backdoor.Berbew!1.AE0A (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Qukart.A!tr
AVG	Win32:TrojanX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove TrojanDownloader:Win32/Berbew!pz?

TrojanDownloader:Win32/Berbew!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X