Extracted

• • Target

    e9d9788647bd16c312ae96c50e1a3d00b99226d04fe70aa1276a5d816b0cd9d8N

  • Size

    45KB

  • MD5

    53308368c6a1615d136ea7c2e228a8f0

  • SHA1

    a1f2f5838b7f036611b7f0b47d0122ed4d9cbd9c

  • SHA256

    e9d9788647bd16c312ae96c50e1a3d00b99226d04fe70aa1276a5d816b0cd9d8

  • SHA512

    db0fd38f00e2d2749cf37d4d0e3c3b3815b4b19ca31647c1edb6a9558a4c3b2365393342eba8c6b0b5eca70120d7012429e0175787bd8722c32bb299942f2d60

  • SSDEEP

    384:eyoG/PiDbofC0T4BAEXBvM703wmQ13fmc97r0QjVZNZXgwChVBq4pPxy8pWLeS9A:bxPiVFM70mn/wwCMnr/1H5Et

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2