Extracted

• • Target

    041880b40cf803dc66eb1bcc03f556025d5b939d15e1deb61d7ec3d93083fcdfN

  • Size

    45KB

  • MD5

    7502593256904c0c9919ac6bc6d04fe0

  • SHA1

    884594f3a0a6ad5def11aefbbacbe44b9d764ec0

  • SHA256

    041880b40cf803dc66eb1bcc03f556025d5b939d15e1deb61d7ec3d93083fcdf

  • SHA512

    ddb538744e4695e333de4ca14bf69360ddd9e6ac62d35dc860a749577963b508ffcb5b418486376dd79866d65211f1ec799d38fb15ce66f4d285cd5e0020162f

  • SSDEEP

    768:mb25Egx6s94xGa7YdMa7A7XAVb3zehpc5oE/AAwgAkX9xioPLkOs2V/1H5v3:mb896eMhgK0d/nvAkNEo7s2P93

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2