Extracted

• • Target

    0bd73d6458b5c9430a163b094982fbe6a4250fd7aae29d42a7187d1dcaa167d9

  • Size

    64KB

  • MD5

    4007dd63497e191f6685d65054e9d390

  • SHA1

    638cc81165f25ec628e01b34a000f000106dfbdd

  • SHA256

    0bd73d6458b5c9430a163b094982fbe6a4250fd7aae29d42a7187d1dcaa167d9

  • SHA512

    852a6406ebdf83fc2c1a071c8ec95ad28afc51ecf35549140b81f4e01ccc8a81349f4f48fa369dc51a2ee37e7b029a917a1253c38e6fca7dc44f84f39d8c2215

  • SSDEEP

    1536:M+ARykusxhY+Ge2+Cm0sCCnQMsXazHZEl7xnY7D5mWySrPFW2iwTbWv:M5RygYTduQMBLGVxYX5mX2FW2VTbWv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2