General

  • Target

    NEAS.ee2811293728eab380822a222a692d60_JC.exe

  • Size

    155KB

  • Sample

    231102-lnt3dscb35

  • MD5

    ee2811293728eab380822a222a692d60

  • SHA1

    412f733cb53f2c25774989672a63df407911c686

  • SHA256

    0479f169522a00a321937503c69bd38968eeae3531a3d91916e445cc9dbd93eb

  • SHA512

    e347427b9ec81260fd0b98a425e28d2be64a8f2d37c31bff4ad442bf74ed396dcb7b2a4396971b712442430a7459df1d129620bbdb00ca0a16e207eecb944c69

  • SSDEEP

    3072:7x+tVThvuSBxuxnL+zrZEznYfzB9BSwWO:8ZbuwrZYOzLcK

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
