Extracted

• • Target

    3fb7d664344bd9d839e953a351755057e731b5ae68b7a968e649087bccd2f971N

  • Size

    64KB

  • MD5

    6a7c69ed7f2fa09be932b65d3c893c20

  • SHA1

    cf3c0dff4f7a781abca1da6afd0b8cc9484bfc34

  • SHA256

    3fb7d664344bd9d839e953a351755057e731b5ae68b7a968e649087bccd2f971

  • SHA512

    dd9153bee9f8f444071a1772df9af3e15041e06236d977135b0374489c2e83c9cd50aed398b2ce20a387798d0609ebde7af345bbde00fd809472f65cf53bec9c

  • SSDEEP

    768:D7b0pmi30Q+inuZr6mOhDESg5ax9Mbqm2/KmRiQa/5Il/1H5Gu6XJ1IwEGp9Thfe:Dv0pBEQ+iup8A4xbHTTaifaXUwXfzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2