Extracted

• • Target

    d512e7959a251100984daa26e67c41bd14ebf967f992dbd7cfa45df5f04c1af4N

  • Size

    188KB

  • MD5

    7e2189fbfad76058e931953751053bc0

  • SHA1

    cb84f4a526a27394f188d4866b12e12e9a9e3da2

  • SHA256

    d512e7959a251100984daa26e67c41bd14ebf967f992dbd7cfa45df5f04c1af4

  • SHA512

    adae3377cb69eec0a82d085fc9e763a1c6a7d221f74a40e1c6946022e177f0d3190b084b55aac0044cf956d3e1022247588df901198d7bd4e8c4317b17cd7327

  • SSDEEP

    3072:nubRM1sUJ7XHFI7usluTXp6UF5wzec+tZOnU1/s5HH0AU/yRvS3u121Te:nEM1sC7XHFI6s21L7/s50z/Wa3/M

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2