General

  • Target

    NEAS.c44bac043d2eb7ab891f5e2a1a39c110.exe

  • Size

    664KB

  • Sample

    231101-rm2czahb92

  • MD5

    c44bac043d2eb7ab891f5e2a1a39c110

  • SHA1

    026a1634a90ae2e798674efd16aa8dd10dfd357f

  • SHA256

    ba9b93885ceca388a4689003ecc472f4c4b8d15c029c58011bf14e14ad731a76

  • SHA512

    aa8697df797a7cc9d1f5c0ecbb33cffde1c89c2aeeb0e758592c9ec3d653b218cfd4bf03aad1ec95f83e9cb89478444e164350b03c13dc0f6716c70e76be79f4

  • SSDEEP

    12288:GRALQGFKpV6yYP4rbpV6yYPg058KpV6yYPNUir2MhNl6zX3w9As/xO23WM6tJmDk:pLQGFKW4XWleKWNUir2MhNl6zX3w9AsE

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
