Extracted

• • Target

    1bdd6c6589a51a89c258b5c6550b0ae32d34f1fca23c688dceecfd47189ead3fN

  • Size

    45KB

  • MD5

    f8cda290676936c72c21950c79863040

  • SHA1

    1fce217e25da0117fb9088326ab13197190633a2

  • SHA256

    1bdd6c6589a51a89c258b5c6550b0ae32d34f1fca23c688dceecfd47189ead3f

  • SHA512

    007fd4c97850c4cd73ebccbe96d88ec89c9517dd531e1fc238e0eda922b7abf6cb41474036feb342cdccc45ce62a14e1ea7bf8d33ee0b403a9b92b52870af6dc

  • SSDEEP

    768:/9xp3Bon8wqGPwJPK20fxkWVAI1vbvm1jQy4F7O+OCA5r/1H5v:/93BOwGYJCbf9Vnaj+O+O55dx

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2