Extracted

• • Target

    05c93be0835c06a894505bc87fd5a659c748a4fcb856e0c754d6dc75fe18bbb6N

  • Size

    45KB

  • MD5

    415750f2da7fe8058535716de32aec60

  • SHA1

    d1e47e8fb6dda33333e8d87a3f10b765ad00ae9d

  • SHA256

    05c93be0835c06a894505bc87fd5a659c748a4fcb856e0c754d6dc75fe18bbb6

  • SHA512

    6a0d213a1deaf8e0e56eb89a215b7c6af09d5129fe0a710f0de4beec22d453a931548268d337a733070a198274aff667ac155c3ca8ff8f42fd621584ebfc497e

  • SSDEEP

    768:3JquBxouzoIMDwhY8ckA6keRyW7gZLHpE/wm7XdijeXyiaAWFrE4i/1H5P:ZpBiuUIMDw6mbRyWIHpE/wmbd4ibWFrY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2