Extracted

• • Target

    7becb5368642b53570db69716ac33e5b5839dac916c114f36cc2c7056f58934e

  • Size

    59KB

  • MD5

    5c7977043dfa4556c7c496de4db909f4

  • SHA1

    04bd31f939fa5cb4e0c3b484268ffa547614802a

  • SHA256

    7becb5368642b53570db69716ac33e5b5839dac916c114f36cc2c7056f58934e

  • SHA512

    0d31d2d1a12766fc1656ad839b3af5bfb7f9810dc38890bfab926334ef4e3fa54d5d4838cd0e492c772163775d19cc0f4aa81553010e8812d8e363ec652a0c8d

  • SSDEEP

    768:j+CqoOeqKShHcuHXhofcjm7IPQjaXH2oC1+8+bIoO3WsUMK3fZ/1H5R5nf1fZMEd:CKk8jfQQjaX7y+7O3hRMxNCyVso

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2