Extracted

• • Target

    a2da322b677d22a49f61ccaa04d55b0443fe4c736d3f143c650f7dbb25e419f6N

  • Size

    448KB

  • MD5

    c99d30f7a9f75c2c54f25d2a81ba3000

  • SHA1

    3d1c4e9ebe0ace61f121ad2804f50cbc94dd1216

  • SHA256

    a2da322b677d22a49f61ccaa04d55b0443fe4c736d3f143c650f7dbb25e419f6

  • SHA512

    36826e7b3bacf1b4a62a9949b5bf8c09244d2d7b12753ec04be83e214cf88ef6d1b46796c02d6a248389fdf7be8460e158db4147c9b8b8145c66bebd266dbcee

  • SSDEEP

    6144:yCzXv6s21L7/s50z/Wa3/PNlP59ENQdgrb8X6SJqGaPonZh/nr0xuIKjyAH9SKzS:jW705kWM/9J6gqGBf/sAHZHbgdhgi

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2