Extracted

• • Target

    d626a421e4b2e00a01770f92421133aa1a6146fd260ec65821fbfa4fa5138decN

  • Size

    64KB

  • MD5

    d1521184616032c02af8a19f0015bd80

  • SHA1

    4c2e111048f44c68372d9a8f7937391396c5eca1

  • SHA256

    d626a421e4b2e00a01770f92421133aa1a6146fd260ec65821fbfa4fa5138dec

  • SHA512

    1afd7e7f52c58fdbd40a341a81eea1dd1ec9ae03306fd87f0c26868383f2693958479003e2da10173035d8fe0a431c76f3c925cbc99f2a5364468036911d1705

  • SSDEEP

    768:kDodI6Wlr/4Mxp8EEswlkEACx55+/ZtXq8jjC/TC1CMU4iuECKID/1H5M6XJ1IwW:kUdIBwCp8EQlh5+Xt1U4v6W7XUwXfzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2