Extracted

• • Target

    28050b85e6e32d9bb7bfcb028132e480ca7da0c75f812d603e20f4457fbbd2a2

  • Size

    55KB

  • MD5

    a1b3272b30b39e04be7239f3784f97f6

  • SHA1

    394c05a6453c05f37f60737fdd6bf094020a5371

  • SHA256

    28050b85e6e32d9bb7bfcb028132e480ca7da0c75f812d603e20f4457fbbd2a2

  • SHA512

    6f56f0bb4b2591d4fc9a0125c0f25cc711647d4f708f18c603f9594866d96f396028fa385942ea5a17ace76b2e784ca124e7cb9371f707a48535cf534a22f67c

  • SSDEEP

    768:WAlbk+bNCJdKBeMTsDxkETNeVtezf53ZXTesPb6W1VE/1H53NSoNSd0A3shxDfC:DbXbQ0ab/XTeckxNSoNSd0A3shxD6

  Score

  10^/10

  berbewbruteratelbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Brute Ratel C4

    A customized command and control framework for red teaming and adversary simulation.

    backdoorbruteratel

  • Bruteratel family

    bruteratel

  • Detect BruteRatel badger

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2