General

  • Target

    NEAS.b83167734464e7c3c7b91335ab150b80.exe

  • Size

    125KB

  • Sample

    231101-rmb33sgg48

  • MD5

    b83167734464e7c3c7b91335ab150b80

  • SHA1

    67a2d4a280121493ad376cc0bf2fedb90609c98b

  • SHA256

    32d59e299e20a0b4115a3ec5bc7367662152e05d72bf4743bc31796fb5350a77

  • SHA512

    515f36234618dcef6efe100f133961df45790b3509daabf45361e2f194b0518f347afed40105fad2738050d8fd244c4cd86c465957073cc7e59056bfcfaea816

  • SSDEEP

    3072:ozR+LYpIWCqfhDJldMc41WdTCn93OGey/ZhJakrPF:ozFp6qkcXTCndOGeKTaG

Targets

    • Target

      NEAS.b83167734464e7c3c7b91335ab150b80.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
