Extracted

• • Target

    ac87f46dd9f6fa4bec48e856b03d2e4f408c5660d0700cfb23a00242a0db9fab

  • Size

    465KB

  • MD5

    f6f24460302b7a5ccc05efa4d4894fb1

  • SHA1

    65b9d8ffac83594c8cbe535a0862a10ffc535ca4

  • SHA256

    ac87f46dd9f6fa4bec48e856b03d2e4f408c5660d0700cfb23a00242a0db9fab

  • SHA512

    b99a6ffc6b6cf36e42d28460673887f0b0fa359acd12448cf989e31326721dc00c1b4af82bdb50ac17d8f541c477b726bb6d51b8ea0aa5be5b589f58232bc2ef

  • SSDEEP

    6144:3FCLhv1IbqOOVF5V4lKjIbvBhRJfzSf9x7N/I7b9M:3FClv19O8LKlUmpRe94a

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2