General

  • Target

    NEAS.a8bb92e1c87d134fb235ce0a61683fb0.exe

  • Size

    448KB

  • Sample

    231028-yqcmcabc76

  • MD5

    a8bb92e1c87d134fb235ce0a61683fb0

  • SHA1

    b5dc91be9187e8d048927b20ba26b78451a4a1a6

  • SHA256

    655174dac67d154fed797840665bc2e5f7beffdd7bd9e97a8326bc8afa448eca

  • SHA512

    558c140b26cea301dc615b2abddc014ebd7007deaa76f2523b9b1e9513f8795198bf05800d5f900fdbf211d6b303d6e4f3af209ab2934ec2f908e20f396e75a7

  • SSDEEP

    6144:2iDFCPV+Ma7aOl3BzrUmKyIxLfYeOO9UmKyIxLiajOEjXP3HBsR4/0ePGSzxC:2iBJj7aOlxzr3cOK3TajRfXFMKNxC

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
