Extracted

• • Target

    cfeeadbc67b02cb4b4010762eb70cc1382207e6339979d8356c64e58bb41f480N

  • Size

    176KB

  • MD5

    3c05fb08d974b7a84f463c839c091000

  • SHA1

    2c578c2eedc77b95ee4aa6a97918cd830028438e

  • SHA256

    cfeeadbc67b02cb4b4010762eb70cc1382207e6339979d8356c64e58bb41f480

  • SHA512

    05b81510849376f6d6ff20d00935f124c2b8cb7ace5301043293bbf225517f8440753262c53505e8687edbeef9478b17540c9e7fb8189ca764361ac141866aa6

  • SSDEEP

    3072:idVbjts4e1cjENRZ9wmAOIayGsOOJF4EISi/i4gG4npAjmA39QQIckJI:intTe1nTZ9EaUn4yjK99QQd

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2