Extracted

• • Target

    7a7597beb01db783ce101491d5aafe6981134065b6e8ff7c1297c1ce65dcb953

  • Size

    91KB

  • MD5

    c3b5691e4a94c8c1f225e5ece7cf9e8e

  • SHA1

    50bb00ac757034ec19eb3a67ae2355753127f38a

  • SHA256

    7a7597beb01db783ce101491d5aafe6981134065b6e8ff7c1297c1ce65dcb953

  • SHA512

    cc517801a2820b015fbff18e805685bfd78df8a48fdf57fbe68df68e9962a6cc07ac355cd7a452d0276fc80ff6683ea99090451113fa69f62abbf97e3c207b3d

  • SSDEEP

    1536:HiqDXXmcPQ29dIun+qClLBsLnVLdGUHyNwtN4/nLLVaBlEaaaaaadhXd45J:CQXXpjff+qClLBsLnVUUHyNwtN4/nEB9

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2