Extracted

• • Target

    bff693afa00546a89d1b4fd4e0978512116418080c33737f54b3e9ae505e0df0N

  • Size

    52KB

  • MD5

    cc91595d1af708674a0decdac49108c0

  • SHA1

    0922e7f5cbe15fec2421bdd12bf41737c0b526aa

  • SHA256

    bff693afa00546a89d1b4fd4e0978512116418080c33737f54b3e9ae505e0df0

  • SHA512

    814ed9c3f9ef7ae8b35d0e7b201a3d08b5d78ee95e8102b0048b98d538bb6199f107b5f086d51cd9f392d21f3558116d432e669759846458f55ba2dfa43e3ae7

  • SSDEEP

    1536:bIl5G1FgjZKGuqynQfEYn+Znwo/VYkw3DfBwXHQj0O3ojeKOMAdKZ:wMRnQfEYn+Znwo/WkwTfkQ5a9OMRZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2