Extracted

• • Target

    9a3b61d4ca5a5c62b436ff6d33225b7919617fe9f448571bb8c4eeb54ff5dbb2N

  • Size

    3.7MB

  • MD5

    122f0e3452ea87af98ad9c36223627f0

  • SHA1

    ff0ee295843ba9c9be6b7f9683548fc3f93160da

  • SHA256

    9a3b61d4ca5a5c62b436ff6d33225b7919617fe9f448571bb8c4eeb54ff5dbb2

  • SHA512

    7def3a2efc3449e2f6c05e160a67c4793827e436d74f06cdff754bc3bc4819b6718ba0181b5f0a92704b93183ce3c204ef978752bbcaaee16fc37c043b06580f

  • SSDEEP

    12288:xx5NSN6G5tdh5t6NSN6G5t1sI5yl48pArv80akHpqJ3ytR5DMBk1WPjU8/c6HhCr:n5c6W0c6Ys4HpWQ5YBLjU8/cfggY/Q

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2