Extracted

• • Target

    4fdecdf4f189c7018b5fb6d8abae273e739556539eb11669bf086b43c242b9c3

  • Size

    45KB

  • MD5

    9b56a57001943da86df278b4fe46617d

  • SHA1

    25102272bdb3c8b1effadd9df4a56d6ab245a54d

  • SHA256

    4fdecdf4f189c7018b5fb6d8abae273e739556539eb11669bf086b43c242b9c3

  • SHA512

    efc0ca12ecde4fe411ff41574847918059bf71e8f86f1af2d431d8a9d0578e3a148e6dd4f8e0d276c18a0be9c760875d23128a96d36f1326bbace4eface32077

  • SSDEEP

    768:Tl1k9xHyy5KumnjrKHecR7CYXqRuubIQw2WoCA5nanDDgA/1H5bMh:TnK9KuE4ecRWYXqRuIIQw0H+HgGqh

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2