Extracted

• • Target

    bfde5f7fb1a32d3fde83d59acc58e1cf101b9ecea8acc362444f4a10a99b0e17N

  • Size

    45KB

  • MD5

    dfc8f13694c853bf102ddfdf97ffb920

  • SHA1

    929488ace0204c7db949370a59ef43bd32505d67

  • SHA256

    bfde5f7fb1a32d3fde83d59acc58e1cf101b9ecea8acc362444f4a10a99b0e17

  • SHA512

    fdf453941947199f2f1f24a88189a7e93cea36be148e300eb70b6495ffec7ce82e264391426f1dbafa46db071ce3adf9eda7632568bc4467a3cfa022efdd34cb

  • SSDEEP

    768:o2LSLA7s5oGn4fGaYCijCHe6y9+ySUVhoOPHiBIJ4s30a2mnz/1H5XT:o4s5oIa/iuHt9ULo/g4s30a2ElNT

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2