Extracted

• • Target

    457d7a32d41d52e076f6ba3120c3b9181a8e5f90269efdc98362d270f3eab918N

  • Size

    69KB

  • MD5

    b06e457d0a41dadb13e034fea8cf3770

  • SHA1

    b3b938c5881f984fd6548af9db77ca51a9e84ca2

  • SHA256

    457d7a32d41d52e076f6ba3120c3b9181a8e5f90269efdc98362d270f3eab918

  • SHA512

    e80b8fd8b917bcfa46672b874301f76edaba9541031bbaeaf85d3143c8b6f0cca6f663d1aa846eb64c9ea771011456f196455d978596c42bb0500e70ef88d38a

  • SSDEEP

    1536:tEvG1+6gV7Yu5mvJYBXbzOJsPgUN3QivEg:tEOAz7Y1YBvOJsPgU5QM

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2