Extracted

• • Target

    3a92ab4d34d0ad7361a06e538e31d1fa592353193f0bdad56b63ebe21099c4bb

  • Size

    352KB

  • MD5

    d2d6778b59eceea4bc367ccf881e54e2

  • SHA1

    477a40d54dde5510b1af79b2ee599046fd6e4fed

  • SHA256

    3a92ab4d34d0ad7361a06e538e31d1fa592353193f0bdad56b63ebe21099c4bb

  • SHA512

    de6c87707511d43c6fef3da60e2502aef7003e5e0e94598b8217a18aa9654bb9cc321632188cad92d073e9ce2ed4620519d974e314fd910a75283b11dc22784c

  • SSDEEP

    6144:UPRk1+4IbxHTpr1ItvLUErOU7amYBAYpd0ucyEWJrj1mKZHPSv/rpwMBhpNFdFfX:crvxFrCZYE6YYBHpd0uD319ZvSntnhpn

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2