Extracted

• • Target

    ef3682cc0554ece9320787b599b862baf45c07eb6a7eb70686c044b7599c2be3N

  • Size

    63KB

  • MD5

    a266346aaa29ce3df5b377b080e17950

  • SHA1

    b6baadb5378bb4db955806c6cb3c5a7e3176c44a

  • SHA256

    ef3682cc0554ece9320787b599b862baf45c07eb6a7eb70686c044b7599c2be3

  • SHA512

    2d0d1ac4af3a994fe1d0c3fcdc91897aa1eca4fd481f8a56d78bb32d6fcd55a36b8733323d598a2028377ef41340984198095bab3cb9c1780d6dff66184b3146

  • SSDEEP

    1536:eFeC0u9nPwlJlX/BwI4mNmA7e7Y3+V+En9rjDHE:eB0u1WHP+I45vY3o+k9DHE

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2