Extracted

• • Target

    f7649f32c1fc66b223596d6c4cf70e041fa8a3ce2f30970d7be651454248b01a

  • Size

    64KB

  • MD5

    5af04760d3a37f88c04e358ff443ad9f

  • SHA1

    176179118e276f9964cd257e3d7bd8500f2dc786

  • SHA256

    f7649f32c1fc66b223596d6c4cf70e041fa8a3ce2f30970d7be651454248b01a

  • SHA512

    351209ec0b60e87adcb9326eae2aae357e9c6811e0439f493e649e9ddecb67e29f3026e1cb631b1cd66418199a8c061d81294cae2830b4a5aaa8d2ed3af8f48a

  • SSDEEP

    768:NHM++98xV3h9FxfB9RHXyQdfpRLFM+RWyPk6OZMsuyZlVr/1H54FYnlKA2kms8Yo:LbjNf3FpVPk6OZVzxWylrPFW2iwTbWv

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2