Extracted

• • Target

    393774fd58920ad1223573e0e320b6daf3a75ea01ad97349ca5c1f0af006dbbdN

  • Size

    64KB

  • MD5

    1f284b243e7958db9c83cd038c89dfc0

  • SHA1

    ad829936d49969756989608b0135fc485af67a23

  • SHA256

    393774fd58920ad1223573e0e320b6daf3a75ea01ad97349ca5c1f0af006dbbd

  • SHA512

    36ca50cd9afb5027159364d74fd2ac937f71a06c75f67f9fe2fa5374a5cc1187a05214714196ae6fde7d037a9259a034437e8ec3afe6c99b15615ccebed999ab

  • SSDEEP

    1536:hdmpxQQH/JkVEKGrTLlmVVVVVVVVJ5aEYwT1KXUwXfzwv:h7U/GVqlo46T1+Pzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2