Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.de5db463106e06e103bd087b5b0ef19b.exe

  • Size

    378KB

  • Sample

    231028-wgk61sef57

  • MD5

    de5db463106e06e103bd087b5b0ef19b

  • SHA1

    1d8671cb9f972ed0d69939200119072355ad3c02

  • SHA256

    96ebff2caef4537207240158784f39297110597e0963f5dd296063e201e49af5

  • SHA512

    8c42a0caf32bd5b575d50ed57dc4c576558813cb8b41204c8030f000bf9e27a3fa45c77e31247e82141359ec859d471f0657b3ae10b52b5db8a78a93914caa40

  • SSDEEP

    6144:FaNvu1IoWE1eYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/hP66qve6UK+42GTQ+:KiIoP1eYr75lTefkY660fIaDZkY660fR

Malware Config

Targets

    • Target

      NEAS.de5db463106e06e103bd087b5b0ef19b.exe

    • Size

      378KB

    • MD5

      de5db463106e06e103bd087b5b0ef19b

    • SHA1

      1d8671cb9f972ed0d69939200119072355ad3c02

    • SHA256

      96ebff2caef4537207240158784f39297110597e0963f5dd296063e201e49af5

    • SHA512

      8c42a0caf32bd5b575d50ed57dc4c576558813cb8b41204c8030f000bf9e27a3fa45c77e31247e82141359ec859d471f0657b3ae10b52b5db8a78a93914caa40

    • SSDEEP

      6144:FaNvu1IoWE1eYr75lHzpaF2e6UK+42GTQMJSZO5f7M0rx7/hP66qve6UK+42GTQ+:KiIoP1eYr75lTefkY660fIaDZkY660fR

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks