Extracted

• • Target

    324c7189a3815dfa1f79f12521711a1a5fb40b54a79ae80a304b8f76f5f72718N

  • Size

    67KB

  • MD5

    0cc6b285712692c83ca76d3cdc34ca60

  • SHA1

    57a5660e5cf583bba43b1751d885a97009fb6ffa

  • SHA256

    324c7189a3815dfa1f79f12521711a1a5fb40b54a79ae80a304b8f76f5f72718

  • SHA512

    859d7fa706c93cd7530abf5cbe5eb9a98b1861d1cc2d26a5b774c18c8fb5b676bc1ca9f4d8bd200c8d3fce66c907fb0cca07259365dc05897b9e0e46e429bea7

  • SSDEEP

    768:jIgaDlwA0mB2IzOeO8aQDo+bCCjc9l2X/1H5rEsEVErME/feYvn1q/D2ZuAx0GoJ:jIneAeqdVaXLlgjsJifTduD4oTxwU

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2