Extracted

• • Target

    b3e950e35c3c9a6cabf9f4803aab89054fc88668de7905f25d208229b5375e47N

  • Size

    448KB

  • MD5

    c738bfd119c64f15411899fc18427320

  • SHA1

    edba4006016fe237da9a317e58215b8feb5d932f

  • SHA256

    b3e950e35c3c9a6cabf9f4803aab89054fc88668de7905f25d208229b5375e47

  • SHA512

    0dfc3356853eb06a3948ca87eca8b6e554071c41dc466918a194c2905ed8563c0714f6b3c5c0f5ce9b34af8b695fece1b74b027f9f138093d079b3f06d3acc5b

  • SSDEEP

    6144:9mYl78D6s21L7/s50z/Wa3/PNlP59ENQdgrb8X6SJqGaPonZh/nr0xuIKjyAH9S7:93h705kWM/9J6gqGBf/sAHZHbgdhgi

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2