Extracted

• • Target

    1253b80853862fe897d534d96428390f2bb506831b5f88cc0d8bc8b72aa105f1N

  • Size

    128KB

  • MD5

    ad67c3acab6610426efe57fe0d01c490

  • SHA1

    a6f1a2bc1aac9592be8d1829fac4223d8e14dc65

  • SHA256

    1253b80853862fe897d534d96428390f2bb506831b5f88cc0d8bc8b72aa105f1

  • SHA512

    5924cc544662d0d6060f25edde3ada89844cc0c224575091579963b4a2bd610ead3c80603bad3ebdc60982a0e8bddfb8309a97d757c7660aa49d7cbe091f66e8

  • SSDEEP

    3072:N5iPchmtdDIwAkos8lUYcgEIMQ048AkoswUgEIMQ8AkoswUYEIMQ048AkoswUYcF:N52Kmt98rG7Ux0ocIPF9Q

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2