Extracted

• • Target

    bdac0292a5ce6ec616dece19706a86f2f4dbba7583ebc3f7c298831bb67f00e2N

  • Size

    63KB

  • MD5

    b1a52e8750a835975dafae39ab116620

  • SHA1

    ebeebcdf219efbaa36864ad27f467f7627401dc0

  • SHA256

    bdac0292a5ce6ec616dece19706a86f2f4dbba7583ebc3f7c298831bb67f00e2

  • SHA512

    2aacf2ed48269dc2877dc9f51116b960951422c6c0520172c9f04892b579dadd0785b62af531c07a862411edaaaaa44ede707829eedb606beeaceda029b633e1

  • SSDEEP

    768:+9ad6NXaA/DObGshrLISKPxEGlInKLtgxI2/1H5oVE6BmrUTvn93b7NRDMFME3e6:ua0NTDObL9LQSG0ct2Ic+VaEn9rjDHE

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2