Extracted

• • Target

    c744f767e929bdeb6659f191a306b4b8f089905e6812b7425d32073ac5e3302fN

  • Size

    194KB

  • MD5

    7d4e08860f5f4a102622391c34415a70

  • SHA1

    0863f94980e82b1437f7c977c6a218c9ed717370

  • SHA256

    c744f767e929bdeb6659f191a306b4b8f089905e6812b7425d32073ac5e3302f

  • SHA512

    34de989cd809f8d40dd8807d18a7fcc66d49b05e91877ca1192e72ca13a2b84d994293c8669e21cafb68ab8cfde0bf474fd3c01204c3b497362baba7d7563ad9

  • SSDEEP

    3072:yk1uQcMdSfUNRbCeR0pN03xWlJ7mlOD6pN03:D1dcMdSfUNRbCeKpNYxWlJ7mkD6pNY

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2