Extracted

• • Target

    1b07b1dc57fcfca47942f1bc073d9bceebccc0fc515a2539b9c9c88364314ffa

  • Size

    45KB

  • MD5

    ac4f2df3779ab9e110a70797bb051b0f

  • SHA1

    14c740b7a055494c158f3baa193d33b36109f4c5

  • SHA256

    1b07b1dc57fcfca47942f1bc073d9bceebccc0fc515a2539b9c9c88364314ffa

  • SHA512

    7d5b32b507d59b3b90b241f31335a788dca14d467c94859ca67865eccb912dc0041b402ca2277784ad4c6bd9b01f9ee3615f44d37b7fe14371551d0af71fe3e2

  • SSDEEP

    768:xOdbN18bwd/XLb3Aar4VOaPLPTkOBl7PjfbvkTn7Pj3LfzHbvDXr/Tn7Pj3LfzH7:xOBVd/wakPzTkOh+6C

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2