Extracted

• • Target

    01e4fe342a0c713fd85e54033dc7cc5fac20641223544494a5b2ee7ca22aa5f1

  • Size

    194KB

  • MD5

    a938b7e0b3944f81f094d99d469e020b

  • SHA1

    dc12dc4ec278a08f669b9ff2d67819903ed65537

  • SHA256

    01e4fe342a0c713fd85e54033dc7cc5fac20641223544494a5b2ee7ca22aa5f1

  • SHA512

    014f0c76552aa5b916f7f09d7799d80d94c144455a2ea8424bd4f62bc587a0d75a56d87715221584f0317c87cc66db4dd061e8e273da23d2f43f59548822e6b7

  • SSDEEP

    3072:5l8Y/g6lfjIH0qFBFH1mMIM/kEmMIGumMIc/1GV:66lfE715/pbuh/UV

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2