Extracted

• • Target

    e3fc0cf808ee30166a85bc5f3ce933316f359c2cdff92bb105ab95503c863f02N

  • Size

    182KB

  • MD5

    fb8b901cb29b39db74f172924c4c0720

  • SHA1

    fae1bcbce0258df4c3afa1f04f6336a0f01c0aaf

  • SHA256

    e3fc0cf808ee30166a85bc5f3ce933316f359c2cdff92bb105ab95503c863f02

  • SHA512

    229e648feffef7582b0ddf5187b646971bcff53866edee71f06ed497235a242a1faca3cd42349ddbfae8fa9c18ada671db357599af34f126bd11959602270505

  • SSDEEP

    3072:DlupcSF3l4563vFT24ho1mtye3lFDrFDHZtOga24ho1mtye3l:R2c6l4563vFYsFj5tT3sF

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2