Extracted

• • Target

    4541d9fa4a1adc9b36b51d1e211e3bf176badd3a2ab64b6d89c08b57bb2b4ab9N

  • Size

    45KB

  • MD5

    7e1b3622b8c522f42accd982da1371c0

  • SHA1

    a8946eecb10f7040a277fdfeca279eb8f7c56f92

  • SHA256

    4541d9fa4a1adc9b36b51d1e211e3bf176badd3a2ab64b6d89c08b57bb2b4ab9

  • SHA512

    069d4d87370d65ec158327fdd7e6ae34a52b3825f9712c2ee436c0d9f8644980bb7227001c9cb1a108cef2c3c8a53da27e05ad7e4c092925a6b79b1896d7e872

  • SSDEEP

    768:efr9YCAsvb+ToGhcrojYu5gmqSxyTOD7beBry+M4A1xcQwZDAyAp/1H56:y9Yfib+TxVl5gnQypyMA1WDjAj8

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2