Extracted

• • Target

    8f32fee6c95f3932400a163c1acf7a7f056daff480047a83b3badb80311f3acaN

  • Size

    96KB

  • MD5

    f5fa5327e42af52c348be10022ebc660

  • SHA1

    90f756d0bb033997f6c6e502baa5d368e2c1c646

  • SHA256

    8f32fee6c95f3932400a163c1acf7a7f056daff480047a83b3badb80311f3aca

  • SHA512

    540fb7622c05d51a4ef1337b1db22e789808d6656e6242d09a7c6f75bd034700362e991f5bc2a5a5009b1fcfb1fd974e119e7ce2f9681501b1471c09669902ca

  • SSDEEP

    1536:v1pyu0cJAGfT6NKqyqg8PdU98A8QAjmaMJ2ts74S7V+5pUMv84WMRw8Dkqq:v1pyodmNKqy98eDAzMJi84Sp+7H7wWkb

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2