Extracted

• • Target

    bb7ea978f2c40195f8d00476c817b0d9fcbea3e7713040d9be54a4df6918dc1a

  • Size

    512KB

  • MD5

    bf1e3780837efbdecab56617c810b625

  • SHA1

    67522b5f34d641e03a021c86fd2bf21a8c56e09a

  • SHA256

    bb7ea978f2c40195f8d00476c817b0d9fcbea3e7713040d9be54a4df6918dc1a

  • SHA512

    ba0fa1b710b3aa9dd239f2d3fa66124903f34d7161e67c4c6381980863b96f6dbd3e9dc17a094fa02287646740eaf20cf2d30396903897f1c42e6734470cc827

  • SSDEEP

    6144:AQi4XbV9A9MbUZP8VU5tTO/ENURQPTlyl48pArv8kEVS1aHr:AQxV9A9bUG5t1sI5yl48pArv8o4L

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2