Extracted

• • Target

    446da78cbb371a0b2a636e1677139281c530ef533b29f17783abe9d15f79ece1N

  • Size

    219KB

  • MD5

    bd4a7b8e31cf5f04c5039068ec596860

  • SHA1

    e42ffe58d506bf6e688c3b196bd8052d9ada427c

  • SHA256

    446da78cbb371a0b2a636e1677139281c530ef533b29f17783abe9d15f79ece1

  • SHA512

    bbe21e5dbcb42f532f9eb4fbaa3850e6becdf8fb917314ea24a250b139c3a17a18f67eb0a8bc2009f1917f0e4750c6b285b3c3f937fe8a16fcfe8587566694bc

  • SSDEEP

    3072:oOEZJcdPzwuZkO0aDb/IBPCOQvU6z314EXrjvwSfYrwBt:nCqNzDOO0aDD4PCxdXXwSfYrwB

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2