General

  • Target

    NEAS.0299570b14805e6f5d46fe2e34a03cc0_JC.exe

  • Size

    161KB

  • Sample

    231101-lyytbsgg58

  • MD5

    0299570b14805e6f5d46fe2e34a03cc0

  • SHA1

    4a1f7f483eeab149957eef27cd935f60ef311f62

  • SHA256

    43676b2bcca6882c3875a4712b2ed760e609ea08c9d584c0fffaf76f1f7e6833

  • SHA512

    01e41137533a540472ac30b7e2879a621b273fdcc4c613d4a1ac82b3ca0be5970dac1d8468f3424d26b8af9fb87c248211cbadad496ce4ed18f5906a58f1eb90

  • SSDEEP

    3072:0esahcjcuQ3/V8wkMVwtCJXeex7rrIRZK8K8/kv:05j3wkMVwtmeetrIyR

Targets

    • Target

      NEAS.0299570b14805e6f5d46fe2e34a03cc0_JC.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
