Extracted

• • Target

    1e8e85623e44899e13e5f5b22a8b4f8eb77abfb88162bafc469ef70f4c4f7495N

  • Size

    55KB

  • MD5

    de3f41009c7a70e424fee995933ee200

  • SHA1

    1c40a20ecab005ff0432abf5765d550f7b848274

  • SHA256

    1e8e85623e44899e13e5f5b22a8b4f8eb77abfb88162bafc469ef70f4c4f7495

  • SHA512

    61f5a016288b06be1bfc9405d83a3894e43b37fb12045c243a7142c19a0b64f166507f363be5b966b18eb146e816a08d08196c18027c78798b611e4c341a9e76

  • SSDEEP

    768:HEhTctwkuOte3PHVPGBXMo42dkGNMtLRLJ/1H5aNSoNSd0A3shxDfC:He29uOCfVaXY21uYNSoNSd0A3shxD6

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2