Extracted

• • Target

    6a3591cee291c9b3c2efd85f332919330cd4463e3c1063447eb8fab0b7c7923aN

  • Size

    97KB

  • MD5

    beed31402fcb4169fd26709d04c75f10

  • SHA1

    03ba8c582b62085f44c1208b2ed98b915453dd43

  • SHA256

    6a3591cee291c9b3c2efd85f332919330cd4463e3c1063447eb8fab0b7c7923a

  • SHA512

    780cf16b09809711642886c55e13dc1c00553cd2caf06abe25bc803e574c9b4e79510846cd00daa46e3566c97831913bb25dfa22538790f79f9f8f1c27367889

  • SSDEEP

    768:otxSkqtb5urq8iBRrnvj+80oh3MgsY8AM4jI0gsYEw8oUAMGbkQcI0gsYEw829U9:YS317yRIqNcb27XUwXfzwE57pvJXeYZ6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2