Extracted

• • Target

    1cb1877605fc7202cdeb7018403dd53d5a50cda34049fcc52d9ee03946ff1d97N

  • Size

    67KB

  • MD5

    ae34176e4c0d75ab72e115a4e857e610

  • SHA1

    9dbd9d9791edace9129fdaf3d9accb34e7550903

  • SHA256

    1cb1877605fc7202cdeb7018403dd53d5a50cda34049fcc52d9ee03946ff1d97

  • SHA512

    78d98b779ae1fb66a990ebbfb51e8def8d7587cc579864c326d6c42cc9cebb328bb6be79d2098b99f6db63f36c2841832a4e2b2ce6856a2558b3bb57e0086ea6

  • SSDEEP

    1536:WNBdwmKCAt8xJG7/r6QydRwVk7NWDNX9sJifTduD4oTxwf:WymKxtbzr6f8wNAd9sJibdMTxwf

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2