Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.07a6b5024d3ea2b059c92f31b415afd0.exe

  • Size

    100KB

  • Sample

    231022-t95p1scg85

  • MD5

    07a6b5024d3ea2b059c92f31b415afd0

  • SHA1

    5cd1d5fbef36746454a54486427e02ba385a2929

  • SHA256

    22782b808a332503b89327703b81ae872ade64933c39ea92daee9c4fabe7ac17

  • SHA512

    afaa5d7f4c2cd3e0c80611c878ede0dcb5f36bcc2d8aaf613f042a0ef49f162114860c4f3d3c08978ac04bf998c952d94ad3c002634fcfba31bb7b3518239ed6

  • SSDEEP

    3072:NCB/JikRdPOBfIdcSw23jQ6wSvGRHLMFR8n5j8YD:NCpZRdPOBfIdcSw23jfwSvGRH4FR6jp

Malware Config

Targets

    • Target

      NEAS.07a6b5024d3ea2b059c92f31b415afd0.exe

    • Size

      100KB

    • MD5

      07a6b5024d3ea2b059c92f31b415afd0

    • SHA1

      5cd1d5fbef36746454a54486427e02ba385a2929

    • SHA256

      22782b808a332503b89327703b81ae872ade64933c39ea92daee9c4fabe7ac17

    • SHA512

      afaa5d7f4c2cd3e0c80611c878ede0dcb5f36bcc2d8aaf613f042a0ef49f162114860c4f3d3c08978ac04bf998c952d94ad3c002634fcfba31bb7b3518239ed6

    • SSDEEP

      3072:NCB/JikRdPOBfIdcSw23jQ6wSvGRHLMFR8n5j8YD:NCpZRdPOBfIdcSw23jfwSvGRH4FR6jp

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks