Extracted

• • Target

    6d55849fcc8614cbddbd11c3f55fb1e9292faaf7705c180b4eea2568eeec7f42

  • Size

    45KB

  • MD5

    26e86ecbe87dc4a84ac7c6ac782b8f05

  • SHA1

    7f30f7e908999948656c6a101c390913d58f0f0c

  • SHA256

    6d55849fcc8614cbddbd11c3f55fb1e9292faaf7705c180b4eea2568eeec7f42

  • SHA512

    2c378a53eeeabd7ca8fbe7bcabec9242bb0b8bbc488407ef50e0320e2f5b1b1c8e90d8db8625e865a485c281289efc92a89356f5a33e82d13a4d0ed6542ba70b

  • SSDEEP

    768:PGMhIjgdRaNUUbutnT389h8YwbYUA2T+wT+i5ytz7W/1H5:PGpgd8Nhba389k+Q+i5l

  Score

  10^/10

  berbewbackdoordiscoverypersistence

  • Adds autorun key to be loaded by Explorer.exe on startup

    persistence

  • Berbew

    Berbew is a backdoor written in C++.

    backdoorberbew

  • Berbew family

    berbew

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2