General

  • Target

    NEAS.ad132701568337a8e0d6477226a720a4.exe

  • Size

    298KB

  • Sample

    231028-wgaqaacg8x

  • MD5

    ad132701568337a8e0d6477226a720a4

  • SHA1

    cc04c19633fa38c5e3a68cd00975929dd0faf85c

  • SHA256

    db7000eca6eeaf6475dbab826a65b5843c07c933f6eb2fcde43ea16d164995f9

  • SHA512

    66527026f6f838e12deebae70a7cf22d106d3e8104f9b7e852e7b9c175fab98473e7a620da5aafaccd5f405c6ab781114743a5426ff4ee21b8bdb8a992159787

  • SSDEEP

    6144:j6Ee9kMzHmGQXnTYaT15f7o+STYaT15fJJj+ke6abT:n6inTYapJoTYapxake6e

Targets

    • Target

      NEAS.ad132701568337a8e0d6477226a720a4.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
