Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.18d966cd04f998e3993f550c5b6e64e0_JC.exe
-
Size
240KB
-
Sample
231031-w5mpraed43
-
MD5
18d966cd04f998e3993f550c5b6e64e0
-
SHA1
4c77c9e23eec3d5565656f9276c64fe063424e5d
-
SHA256
52c225bb73014f84d177c85b3cdac5cf68209326a76e61230e2f4984fb23eb0a
-
SHA512
d6ea1e7e0957a1b889773b8e5b2fa958cd4790435e44620f06312756e77a0a2db017ac8eb5019cee5e2be71d914fb7d9d6c330f7bb3bb048ace6c95567f9bfe7
-
SSDEEP
6144:9I2wUhiAXmHKxfCIyedZwlNPjLs+H8rtMs4:9I2wUUAKKx1yGZwlNPjLYRMs4
Behavioral task
behavioral1
Sample
NEAS.18d966cd04f998e3993f550c5b6e64e0_JC.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
NEAS.18d966cd04f998e3993f550c5b6e64e0_JC.exe
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
NEAS.18d966cd04f998e3993f550c5b6e64e0_JC.exe
-
Size
240KB
-
MD5
18d966cd04f998e3993f550c5b6e64e0
-
SHA1
4c77c9e23eec3d5565656f9276c64fe063424e5d
-
SHA256
52c225bb73014f84d177c85b3cdac5cf68209326a76e61230e2f4984fb23eb0a
-
SHA512
d6ea1e7e0957a1b889773b8e5b2fa958cd4790435e44620f06312756e77a0a2db017ac8eb5019cee5e2be71d914fb7d9d6c330f7bb3bb048ace6c95567f9bfe7
-
SSDEEP
6144:9I2wUhiAXmHKxfCIyedZwlNPjLs+H8rtMs4:9I2wUUAKKx1yGZwlNPjLYRMs4
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Malware Backdoor - Berbew
Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-