Extracted

• • Target

    465566d88000e4ad2cefc80d14c221f9867e07d29761c94ccd02567038ba7850N

  • Size

    91KB

  • MD5

    b7a17bb5e48ef38111c50bcbe10eca30

  • SHA1

    9228eac245c9c8b402f41ae65ca238115cd9f123

  • SHA256

    465566d88000e4ad2cefc80d14c221f9867e07d29761c94ccd02567038ba7850

  • SHA512

    d2042cc3eda7e4ca002abdbe513463c61d0a9c3aceafab8fa614c246f8161d6fce7d186035926ed44eb6aa5b803f09a0717ef4721a290b32d6c5cc88d1e7961c

  • SSDEEP

    1536:n+lg6DUtF0Z+/rX0KbayPz4FuYd6YMo5uSY6MVD0+Bza:nYS9PbayUv6i5uSIa

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2