Extracted

• • Target

    f58c3ef68b7b8f98419538928f101b691f9a3ee939a490c4c1444bd46b86238e

  • Size

    45KB

  • MD5

    f6c0a51f6727934cc28b904b070aebef

  • SHA1

    29c4b5afb3bb91c9bb3fe6c8bdeaca5cfe789846

  • SHA256

    f58c3ef68b7b8f98419538928f101b691f9a3ee939a490c4c1444bd46b86238e

  • SHA512

    ddfeb4d6573d96be58a16cfe65304bc520ad378d7531789eed58021479bc38af644dced6da6732e039cf1ed25fa1758ab61617239c2a3a51f874cd18b4ae9b02

  • SSDEEP

    768:DZHVeubgDPhzkbBZhOCo9b3ibIxjUy0Ve9YnOPQJa6I9Tj3LSPXMWFqPIJ/1H5:NHUubgrhzShyFabarZ3qMZPID

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2