General

  • Target

    NEAS.18d966cd04f998e3993f550c5b6e64e0_JC.exe

  • Size

    240KB

  • Sample

    231031-w5mpraed43

  • MD5

    18d966cd04f998e3993f550c5b6e64e0

  • SHA1

    4c77c9e23eec3d5565656f9276c64fe063424e5d

  • SHA256

    52c225bb73014f84d177c85b3cdac5cf68209326a76e61230e2f4984fb23eb0a

  • SHA512

    d6ea1e7e0957a1b889773b8e5b2fa958cd4790435e44620f06312756e77a0a2db017ac8eb5019cee5e2be71d914fb7d9d6c330f7bb3bb048ace6c95567f9bfe7

  • SSDEEP

    6144:9I2wUhiAXmHKxfCIyedZwlNPjLs+H8rtMs4:9I2wUUAKKx1yGZwlNPjLYRMs4

Targets

    • Target

      NEAS.18d966cd04f998e3993f550c5b6e64e0_JC.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
