General

  • Target

    NEAS.afc59c367f4135de994f9e22a143d370.exe

  • Size

    136KB

  • Sample

    231101-fjrhtacg75

  • MD5

    afc59c367f4135de994f9e22a143d370

  • SHA1

    a2ee61913494b927674ab9eb3b435ffeb3ce2da8

  • SHA256

    13c83a6da067f114db7d712d789d3959fe08887e9d3b832abc9e7bc12caec274

  • SHA512

    5a3d19fe7707297706822aa989963ea1414824e34f26e1286018908e736a7d065dfed0acee9e8ed025555399ef0638c215faf24d59dce87d04f74993bbdea4e1

  • SSDEEP

    1536:AYjIyeC1eUfKjkhBYJ7mTCbqODiC1ZsyHZK0FjlqsS5eHyG9LU3YG8nk8QHNugpV:ZdEUfKj8BYbDiC1ZTK7sxtLUIGukugyw

Targets

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
