Extracted

• • Target

    6a0311375ae9d59a50b588fb799d6e8ceceb3de7016af5afcc9c8ba238530456

  • Size

    92KB

  • MD5

    a228b7bd8e8dd2bacc846bc0498780fa

  • SHA1

    ac3b775aa0a389012e348adaaa88b3dc17b63bc0

  • SHA256

    6a0311375ae9d59a50b588fb799d6e8ceceb3de7016af5afcc9c8ba238530456

  • SHA512

    262ce2078516b2b0b1fecb0422b8b984bd43386c0e261d0c39dbf6790784dcadb557c5b4f2012f85b6ccf7b965cb244f33a6393440da7a985abe416ee3af0e39

  • SSDEEP

    1536:BqI7ZWurXsEiGP1OQFGsiqRQq9nIfqitYNQQgyoORXnKQrUoR24HsUc:BmurXviaPTiFzfqitYWKoH6THsB

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2