Extracted

• • Target

    6a1341d0d2e1bd7a2f7b0aba2141155187bb8d7b7005956611db19efed7815b9N

  • Size

    49KB

  • MD5

    c90f85f9ce9142573fdd58a10a3b7e30

  • SHA1

    d8763c8a94001aa8ebb3d564181ed9e6596e9a3d

  • SHA256

    6a1341d0d2e1bd7a2f7b0aba2141155187bb8d7b7005956611db19efed7815b9

  • SHA512

    a07219ce008d71288ecfce55a19fc3962548a29905f0591fc4aba7b0cdf250115c1099a5cac340e4e8287b57ba4a6dbd520a806da60c45702dfdde693c07346b

  • SSDEEP

    768:EOjMxarZ1lMknZI+Ag4XSPHSkKrpJmlNv3nUa9YzpKPV/1H5tV2Xdnh7:EOuIbMwI+Ag2SP1Kr6vpPPql

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2