Extracted

• • Target

    c3d16ff6123a09ab1c87b3127ad46a26f3a483edb5d5e45d85371bef396faca7N

  • Size

    1.2MB

  • MD5

    efd929980897f4a7db21419d45626b70

  • SHA1

    fb9dd29dfb02499e5370262e5f0b7d0ba06a068c

  • SHA256

    c3d16ff6123a09ab1c87b3127ad46a26f3a483edb5d5e45d85371bef396faca7

  • SHA512

    5d4879c84ee3d030fbbde1e48d9b254c7c1fa8cbd0f80fd7938f0db92c9d4f180a657b80b94ffa1983b63a16d728dc40fb46a3009853aff275957cc02989e50a

  • SSDEEP

    24576:yfaPh2kkkkK4kXkkkkkkkkhLX3a20R0v50+YNpsKv2EvZHp3oWQy60as:yfEbazR0vKLXZWy60as

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2