Extracted

• • Target

    182fb488d3c0d3fa53a81e7c897190be752e114b75be35eff69db9cafd4efc26N

  • Size

    67KB

  • MD5

    bdb4e442ad0ed666e070b41e7b0aedf0

  • SHA1

    3d164749d0adfd0acaa46cd7f338ffa110bd7be4

  • SHA256

    182fb488d3c0d3fa53a81e7c897190be752e114b75be35eff69db9cafd4efc26

  • SHA512

    cdbce910d166c320c6a61e72600589349b0fa4c9bb45396feacaece7ba442c0de327c16c0db073ad4ec917a82e45d038e0d17aed2dd3d43b72abc0bded3297d0

  • SSDEEP

    1536:7Fb//v0eUx1Jv9lngQcIhCzfwM1eRVesJifTduD4oTxw:7FT/vRUx1Jv9lAQCzf+wsJibdMTxw

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2