General

  • Target

    NEAS.d6b7833325f47ee76a1ab916393459b0.exe

  • Size

    398KB

  • Sample

    231028-y1p1esda97

  • MD5

    d6b7833325f47ee76a1ab916393459b0

  • SHA1

    3127b61cf042e0b053e999416710a9fa73f8000b

  • SHA256

    b78be520ae5df807c229593f81da15c23bd009bb8ca39d6449968d22ec4613bf

  • SHA512

    e25872385a702998767d278a5e14f362a0461f471520a564bc4d589d538789eb83a1b52df593e3b7e0dcbd37f2f372d39022dd7a8858016a9baf566bb2066a71

  • SSDEEP

    12288:W2VOXS6t3XGCByvNv54B9f01ZmHByvNv5imipWf0Aq:ROXS6t3XGpvr4B9f01ZmQvrimipWf0Aq

Targets

    • Target

      NEAS.d6b7833325f47ee76a1ab916393459b0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
