Extracted

• • Target

    4f972996a641007e00fc0834816aa09eae3162637ee5cfff7964554b86d90a1bN

  • Size

    55KB

  • MD5

    d7af40d812104c879d8eb5614e528130

  • SHA1

    028681fd1059c00541cd04c56729cc3c8cd688d1

  • SHA256

    4f972996a641007e00fc0834816aa09eae3162637ee5cfff7964554b86d90a1b

  • SHA512

    c197913312af7cea532a543996cbd5b43d7cc631e0cd8c3bc0b6c2056d964edbec7c32f768dc6b34f4b28cc961cc562b0596217788340838af1a1076f18c40aa

  • SSDEEP

    1536:V0AUYd2yV+B90VX1RFt4gNSoNSd0A3shxD6:8kAOt4gNXNW0A8hh

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2