General

  • Target

    NEAS.ccfca656f522425a7e95db97790099d0.exe

  • Size

    96KB

  • Sample

    231028-yz3vwscf49

  • MD5

    ccfca656f522425a7e95db97790099d0

  • SHA1

    3cdc49c839b911707fae0c5fd8c5900eda175c49

  • SHA256

    02a5b3b80d36af92fd522e0dc5b42178ac6457baf79c4b2c86e56f800d20068b

  • SHA512

    96f4ff9518da3493b21d5d91feecffab87efda27a2a75f8efc622b63c6f22d92f49ee2c8e3b492f7c1a605b8379ca5a5a5d0471ea06a34ca424a9be9bc2f7141

  • SSDEEP

    1536:RxmFTMOuLZT3LifkuDZ7wV44XVcdZ2JVQBKoC/CKniTCvVAva61hLDnePhVsWzRM:RxmFwlVbIkzV48VqZ2fQkbn1vVAva63l

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks