Extracted

• • Target

    6a0c8b02e23a9d76629f5c425278c3e31e28d44d7a1dfe50b20f3fae47ebf4b9N

  • Size

    52KB

  • MD5

    8e52eb9bfdcc669f3f877141fb876e70

  • SHA1

    8caadd11c3451395234b8e0ff2c8c065bb60ad6f

  • SHA256

    6a0c8b02e23a9d76629f5c425278c3e31e28d44d7a1dfe50b20f3fae47ebf4b9

  • SHA512

    95a58fb2ef929de386dd20eb1fd1dab723490438eb0f123101682ac8b85dc828aaffed856336d8027f2aba3f3b6749b086f3a1adaae0ba366872e544468bbccb

  • SSDEEP

    768:OzbaOui9BIpMznWoJgO2bhJY9g7by3RlOGZc2nwNH/1H5F/sgMABvKWe:OzGOBIpMbWxbh37GHZcRNZ1MAdKZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2