General

  • Target

    NEAS.54fc6d1dbedf37b78caedebc247ff670.exe

  • Size

    229KB

  • Sample

    231028-ymle3shd54

  • MD5

    54fc6d1dbedf37b78caedebc247ff670

  • SHA1

    c6ddbc96d5bcd93564e5201bbd18f399d0a342cc

  • SHA256

    7e989cff85b9f1360c83770b3c07a031c225f34c15f714e907885d54a88e8392

  • SHA512

    8fcaed93d471c37dd1c23528fd7ce5d03f2768364979c7ee4c4c0410695cd0fb02134e95eb63986aa3957e69313c728c12c662a1bc7f1de158786cdb3236b1c5

  • SSDEEP

    6144:u2bcqYHMgvYyp5271+HZ/pvkym/89bYEwPhCKvav:uCcX3S7AIfFfvav

Targets

    • Target

      NEAS.54fc6d1dbedf37b78caedebc247ff670.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
