Extracted

• • Target

    ee4c7cbd4280d4270ade4f573e0358be85ff9ae9858cf278f5cb6595c588447fN

  • Size

    52KB

  • MD5

    da447d87cc9b1a4b290b0f2004a25500

  • SHA1

    57c75af4fe48ba36914b9eebc1897df6d89e3852

  • SHA256

    ee4c7cbd4280d4270ade4f573e0358be85ff9ae9858cf278f5cb6595c588447f

  • SHA512

    535a7040ee17e9c1e2342a4f8a1537595af2bcdba5679e84ae2e2197274098128b52e4ab7869dd085a468be2eaa4d42658430060a7aa7e05e7d00c40d661f735

  • SSDEEP

    768:fmvUKWKGBl3H6JBbm0W+Um5+OzjIlWoqz6JZcre/1H5F/s/MABvKWe:IUvKw3aJBbm0FKGUlWNz6JaEaMAdKZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2