Extracted

• • Target

    b40f8b48fd936d6ed234d8d99ad421ccfae137f670a10360c5ae33fb3a80bca3N

  • Size

    224KB

  • MD5

    fdee37f5aedb85c210fa6faead6807c0

  • SHA1

    c93ae75a5e425ea5fa43835904464b2d247320b5

  • SHA256

    b40f8b48fd936d6ed234d8d99ad421ccfae137f670a10360c5ae33fb3a80bca3

  • SHA512

    cbf4d23cbc513e3cb3f79bb3b93a4383e5b3abb2f4c29d2578edbc374a0eca74f78cc0db3873902d56073f1d36d1aeca6308401e2f775ca70e850196ea1cf33e

  • SSDEEP

    3072:rETF4HIuYUvIMDrFDHZtOgxBOXXwwfBoD6N3h8N5G2qVUDrFDHZtOgtSU:2F4d4s5tTDUZNSN58VU5tTtf

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2