Extracted

• • Target

    e5d6c4f35a93cc72338abdeaf3ad577cabfc4649591c70c593e157e4166a7663N

  • Size

    45KB

  • MD5

    11c6b68e28da4cc580e6c59c7b700f80

  • SHA1

    c369d87e8d2f09619a5d66eaca450bddf76fa9c3

  • SHA256

    e5d6c4f35a93cc72338abdeaf3ad577cabfc4649591c70c593e157e4166a7663

  • SHA512

    5772713a2259cfea2778a94b5267218f179c734e6fc99bad3cf8bc2ecf18c424c9ef8ae98e5bd28c4385fde1a83526cb46ec865b2bb235e4e38ed9dfdba2e75f

  • SSDEEP

    768:jNAsJ91pDJAv+0U2eG0tL5JzdjIiMRheAdF08dG90bp9pV/1H516:jf9jKvrP0tLLdcXYh8dG9ulj6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2