Extracted

• • Target

    1331003426fabfc080a0ae93f3534c5441c54cbb5ea261983b2d6f4dd8fa8a8b

  • Size

    69KB

  • MD5

    c91bb9c8b71beaf4f894f86700f4d103

  • SHA1

    5b79a98a555bf1b9ab55c29a7daada22ca703f41

  • SHA256

    1331003426fabfc080a0ae93f3534c5441c54cbb5ea261983b2d6f4dd8fa8a8b

  • SHA512

    14842ebba4efef5bb9efe38fc6e44e4456dcfd32be6e72cc2089cbaa47d0a4f23b66d5fb91a1f0b88f8c44e0cb625f1f864d9464a9d2193f2141837c4d00d712

  • SSDEEP

    1536:FzaTH05uiFx0LOVIZf0KLOklLGAX8Nein/GFZCeDAyY:KgHFx0Lf8uOMGAMNFn/GFZC1yY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2