Extracted

• • Target

    c58f767fcce5e3ca29b9636a7889fb660a9773792e3be613720299b8150fdd32

  • Size

    64KB

  • MD5

    cd4acac956afe5e16215fa8fb38d6529

  • SHA1

    dfced4aabd9a9bb2b1470e45301f82c895912ceb

  • SHA256

    c58f767fcce5e3ca29b9636a7889fb660a9773792e3be613720299b8150fdd32

  • SHA512

    36ac4c7ff11353eb828a339f4284860ddc3dba2e2d008cab239ade908d8167bd731572837ca12ba3db3d537c064dce9502c26fff13616f2a7ec81295678fc3df

  • SSDEEP

    1536:a3+Pvs+JCS41VwMyP1MwOZVeG+J4CiaPZ9iKBDXUwXfzwv:aA1ThcaP/iKBnPzwv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2