Extracted

• • Target

    83bbd708bd314be7505c0c464459b3da219bbc00a5166bf9739c3172a47b3360N

  • Size

    84KB

  • MD5

    1a495d3f5b86cf1a5d9820d7cb973a00

  • SHA1

    bfa858e407368df9a4d1a8fe978963a9da9cebc8

  • SHA256

    83bbd708bd314be7505c0c464459b3da219bbc00a5166bf9739c3172a47b3360

  • SHA512

    987802cef423c86ee86449c2cc8cf54df14123aac01d1ba7e883df573cf1c9af948ef4313a4faaf77e861d35a2f5771dfba8a1e45f1fad88f036209805f500cc

  • SSDEEP

    1536:tLKJASfISGivpEd/rvLj+8ANZLvfPDyH6n8dEelLYR7xeGSmUmmmmmmmmmmmmmmQ:sAK/GtDvLju3PDyH6n8djlLYR7xr3

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2