Extracted

• • Target

    088830955ac6d4e9cdb0fb65d0c6d3e8578243dfacfd67337a7b3103347b3299N

  • Size

    52KB

  • MD5

    fa25cf9a0f6ad7b3ac42dc9477fa18d0

  • SHA1

    796112762650c108f8cd59f096608dd95b327044

  • SHA256

    088830955ac6d4e9cdb0fb65d0c6d3e8578243dfacfd67337a7b3103347b3299

  • SHA512

    569537af512ef8cda870bc13f45296ab2daf35d50f04d585bb7cf2b6993ce89ee6bae1bb41f6b428b71b91d2603dcaeeb35f2c5993e2e51e38408d2ed3a8813d

  • SSDEEP

    768:eI4cLafNiu9ADi0DL6Dc+D3IotixZktwfyz/FJNDod+S/1H5F/sMMABvKWe:gNLdFDc+JEToH6d7ZMAdKZ

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2