Extracted

• • Target

    72073356a2c426b92de3bb0cbb8930de3b6f82be704338f1b4dd5c894682c872

  • Size

    101KB

  • MD5

    ad6fecbc495ca79632903d6c4719d667

  • SHA1

    1601935626361eac163dcd983db23ec9c7af7f3a

  • SHA256

    72073356a2c426b92de3bb0cbb8930de3b6f82be704338f1b4dd5c894682c872

  • SHA512

    f423cc614f9d7ee787631afa7cea3f0208d278b604c4dc27d28a2a362b9f0c4140b586a4988c3219070bd70d3091b59075dedb8129d7aa3b61985cc487cd8a60

  • SSDEEP

    1536:3Pr4TsGnP8WV5ByPhwji9XQyWy4mIzXtuXqbyNXrg0sZS7qlDABU8B9HYcJvDX:0Y9Xj+duXqbyu0sY7q5AnrHY4vDX

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2