Extracted

• • Target

    1bdfed7e943aafaa95e929afb9f2b06bb3ad2f56db966268308663fb1c64addeN

  • Size

    91KB

  • MD5

    467adf40d24a35b27be704e5b5e4a6b0

  • SHA1

    895716066d3a4e5cec14257385473524f69be50a

  • SHA256

    1bdfed7e943aafaa95e929afb9f2b06bb3ad2f56db966268308663fb1c64adde

  • SHA512

    448e6c59372eabc1129db2196f7f5944bbf5eaebcd4e6a87ada9ed37e6ee479203498de7b1610c1f6ab8e1da8a8b498bdcba092baee2d594046d257b54e3654b

  • SSDEEP

    1536:F3s+1U/Xwg+68wVb7oUwpZR+h4lLBsLnVLdGUHyNwtN4/nLLVaBlEaaaaaadhXdQ:hqPYwB8pZy4lLBsLnVUUHyNwtN4/nEB9

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2