Extracted

• • Target

    a5a5e0cb40b75a9baf05ccd718bc4f703dea182ccd3a008aea1f7b3fab0a2997N

  • Size

    45KB

  • MD5

    ca8fcb7de2f2d3bd78b0c530ab632590

  • SHA1

    fb31dec6bd7bc80db8714badedc465a935d029d5

  • SHA256

    a5a5e0cb40b75a9baf05ccd718bc4f703dea182ccd3a008aea1f7b3fab0a2997

  • SHA512

    4a1a3399500779e6e0334541d16565acaf218c77fdb93c774ed0681da1a81cb64cbd84c3f5063fefbb858e08866e1578036da2a6b3901f32066d63c1f55cbdac

  • SSDEEP

    768:L+7O02yChH7SmzAPU6ap2/GvscEyEthSdIj0zJ/P/92lVk/1H5J:L+wyCB7ShcxJzTk6b

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2