Extracted

• • Target

    2a61ed2dc84d90c9ec0fc9c210e42aafda40567e4e0ebb1e42a55813316d5acf

  • Size

    93KB

  • MD5

    4c738eef899b4d89176fff36fc008d91

  • SHA1

    54b5d290d767f618edfb1d71bb92d05fd3715f0e

  • SHA256

    2a61ed2dc84d90c9ec0fc9c210e42aafda40567e4e0ebb1e42a55813316d5acf

  • SHA512

    bae265b64c46d75f742c5edd6322cf69e5e99c4a008fff737662e4577dd8ae0209528041fa4b342620639d6e36d80d1bf0895222df314e9a4a0e12d2032da8fb

  • SSDEEP

    1536:/76Yx1UnreB3M00HfYklO7uXcNvvm5yw/Lb0OUrrQ35wNBUyVV0:eYx1/tMRfYf7usluTXp6Uj

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2