Extracted

• • Target

    49aa580cf1270223b7753d31baebbfc6cb4303ac4c8327b39bdfa2ffb25898feN

  • Size

    52KB

  • MD5

    246f14d9f15811636e8edbd416a410b0

  • SHA1

    72bfc6a994f7bd8293d9c4bee76eb8ab349bd6f9

  • SHA256

    49aa580cf1270223b7753d31baebbfc6cb4303ac4c8327b39bdfa2ffb25898fe

  • SHA512

    88fa07301bc2409c46383779fdbc80ca7b9361442159fadb9e14699a8ef9a7ab66cbbb92171e3a3a67c3ef030d3f7eca21ac8687df4bda201d7e97a7144dca8e

  • SSDEEP

    768:lw86GBGUNDY5sqOZHoN40KjKi29I4U0sOq4/1H5F/soMABvKWe:n0UNkdOpuKGicW+xMAdKZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2