Extracted

• • Target

    aff548eaab06eeffc993d1229fb380b3a53325da5904be9e32b4f0ec095b3d3e

  • Size

    287KB

  • MD5

    bc695cdc3ebcd922abb5bf30a3fbf9de

  • SHA1

    4bb18f3c6bbaa5dbac7366b6ef9b442384307ce0

  • SHA256

    aff548eaab06eeffc993d1229fb380b3a53325da5904be9e32b4f0ec095b3d3e

  • SHA512

    fcde59adad7af2d3bfd5f4534eb03a84f08b95bffbbfe6636024179cda2fb85440461bd0e7dfb5eb07f07f260fe71ee7df5d3d9d84021595a803d6dcc51c5b65

  • SSDEEP

    3072:Sd1u+FzPTqu4Cy24ho1mtye3lFDrFDHZtOga24ho1mtye3lOT0DVWi35U0Pc9G2u:Wu+9T4C/sFj5tT3sFOggi3NArsF1

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2