Extracted

• • Target

    1f179fcaa203b892ce3a7d3b352adc2007050b9bc405b783730fc25f533f351aN

  • Size

    91KB

  • MD5

    9a99a6b6872effe0d586b2f2ce54ff90

  • SHA1

    2e346dcae330fd938b1df7e1ae5880fea4ce3802

  • SHA256

    1f179fcaa203b892ce3a7d3b352adc2007050b9bc405b783730fc25f533f351a

  • SHA512

    b1389d4b3ebabb7db90253ed2f5b91b137259a50a56eec70af5a5cdebbf27bb2e0c4f880e330f95389a44745d7472f4f1f346442e1c0c7cc9ea818ea5f0fd5fc

  • SSDEEP

    1536:K3F8J/brYUFfe/bGE6lqGTRPz4FuYd6YMo5uSY6MVD0+Bza:K3F8J/brzW/l68GTRUv6i5uSIa

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2