Extracted

• • Target

    966e0a8842b03764ef75ded9cf26cef9c95271dbd2692a342c304f53f98a637eN

  • Size

    52KB

  • MD5

    52666037de24e24820815118418ef3b0

  • SHA1

    1b845f6b24de396e21a2beeaa0703618cc7267f6

  • SHA256

    966e0a8842b03764ef75ded9cf26cef9c95271dbd2692a342c304f53f98a637e

  • SHA512

    278d5b42ebe9e91a4eef870b101c84db5efbf58463d937d0499f995f73056834755b5bfa387833c74d9c49b989df1fc255ac0395ff094268a028346f329381af

  • SSDEEP

    768:4Y04mkCs6dZCxXeuSfmrhOV+Jr6W+8U0BcV/1H5F/srMlMABvKWe:704Ys6dZC43fpV+JuW9U0B+nMAdKZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2