Extracted

• • Target

    c61c82f962d26d2dd2093a69b2a6b61b9a9b8275a0ce375e87e2edac185bfd47N

  • Size

    64KB

  • MD5

    dd41e1819291bf4a69e1a9eab394edd0

  • SHA1

    02ddc05509736ed073c028acb4c3aa9143261bd8

  • SHA256

    c61c82f962d26d2dd2093a69b2a6b61b9a9b8275a0ce375e87e2edac185bfd47

  • SHA512

    6b18c21374c0431cd363ae1d3a3dd4ddaebb13ca64f7bf6ff857fe1e17f65fdb228305d2e1078f8572364a62ef311bb14b3ed1ed874d665c2a1648682b6efff6

  • SSDEEP

    768:vVfLdSqlyJFKEuasR9Wkp1t5OnR5Yng2Jp6/1H54FYnsWKA2kms8Y/ts/9d2NzY/:vVEBuasRrp1GDSLAWyzrPFW2iwTbW

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2