Extracted

• • Target

    d26b53ba35001d28d5f921838e327cfe77aad1156c97da8b8cb050d1b8bf9f23N

  • Size

    45KB

  • MD5

    d85cf9391558d0e4f27b1f56604cfb30

  • SHA1

    cfe5e77df5162276684d350f366db492ccf544aa

  • SHA256

    d26b53ba35001d28d5f921838e327cfe77aad1156c97da8b8cb050d1b8bf9f23

  • SHA512

    494f12b7d1ced0f1301e43e142fdb355fa4d04eabd82992a139edab2ce5b1040c0c3d3db5aed9f8cc9785b6989fc227f72c24348c50363e28ebe01011a80cee5

  • SSDEEP

    768:oX+OK36n0exVolWd2XNZxslGJr+BYa/PWmne88yLEhK/1H5SW:oX+LQ0extANQlUr2XWmneFGEaB

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2