Extracted

• • Target

    e0c31d0955166f58c75cbf594a64a9af4e8ea0135c6739fae5633b60f899872aN

  • Size

    91KB

  • MD5

    567992d71a399384c5e7252cbea7c640

  • SHA1

    04ded40f017bf589fff16cd583734690bf63ef58

  • SHA256

    e0c31d0955166f58c75cbf594a64a9af4e8ea0135c6739fae5633b60f899872a

  • SHA512

    368f8de20f283c56ac954a90b2fc883580146e5e0ee6f7e6cd09ee0a14f49373edc27a42c1066851cf73351ca64c8494f3a06206e1ba76bffa153415838e9c4f

  • SSDEEP

    1536:7g6M/Kw6lJ5Y/h8IC4SAKslk2lqQe8Df0t+1ghnqObmVy9Zt9cx0XBQZFo:7gx/KZJuJ8IrXKx2lqCDfdCkEux0XBQI

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2