Extracted

• • Target

    d8686ed0e0a94923f276dfbe36f38b097da2a67938ff33e6d0942723225358c8N

  • Size

    448KB

  • MD5

    c14f0c1c5ef98eff0568fea71cfa8990

  • SHA1

    fe7713930d64d2b31a46e01ee714927512bf3472

  • SHA256

    d8686ed0e0a94923f276dfbe36f38b097da2a67938ff33e6d0942723225358c8

  • SHA512

    71f812261c5345dea5f5c8a274bec5878f9396a97704ef2afcea508011349697bde4cdb98183fce8a37df8a0cb62157bedf0ecf19dc624f7323d01c7d0f846b5

  • SSDEEP

    6144:Lzs1B6s21L7/s50z/Wa3/PNlP59ENQdgrb8X6SJqGaPonZh/nr0xuIKjyAH9SKzS:Lo2705kWM/9J6gqGBf/sAHZHbgdhgi

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2