Extracted

• • Target

    19c7779d18e09bb096a070927b3aac0895df3ab3c4ebf6b2ae77898716535a44

  • Size

    91KB

  • MD5

    f1181c350d7615846105a6950af2a444

  • SHA1

    1aebf72d85c2a418601621138e41a6308af8718c

  • SHA256

    19c7779d18e09bb096a070927b3aac0895df3ab3c4ebf6b2ae77898716535a44

  • SHA512

    49e203e43c696248f1e9ee860ae2e15f54d24352e8cd1d313ea809b7c68d7faf7a129a2d59a86c07b562d5cce1595d5a5f27b2df4b132c52da25e01020095e2b

  • SSDEEP

    1536:eRQo9V82suX930z2QQ0X2Yd5tNqAMG1lLBsLnVLdGUHyNwtN4/nLLVaBlEaaaaaN:igcW2T0XFLtF1lLBsLnVUUHyNwtN4/nG

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2