General

  • Target

    NEAS.eef60ee1a93c5af10c227eb1e9a72c30_JC.exe

  • Size

    262KB

  • Sample

    231031-vqlcpsdf22

  • MD5

    eef60ee1a93c5af10c227eb1e9a72c30

  • SHA1

    733d54230a133e7591568b52221d5ab8cade77c7

  • SHA256

    2475803ce7343c6188ecdb96ebbc48f9c0c2056a068960d5b887970d242452cf

  • SHA512

    484bab45b54cb4acc666c0705e5f80a3336a9730e3c21a8bd2618442ce472f630fdc55d28801b90706734bd24a426d4078545e303b88975ee6073f738de42e97

  • SSDEEP

    6144:SyiMJ6f8jLi2CMw5w31Lx4tiqn/PlVGSu4RiNdpxPtOS:SyiMYs8UFLxYNQWRap/d

Targets

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
