General

  • Target

    NEAS.bd75981b96d46bb2cd3b3d335a8854e0_JC.exe

  • Size

    161KB

  • Sample

    231102-nn1ahsda67

  • MD5

    bd75981b96d46bb2cd3b3d335a8854e0

  • SHA1

    d4cf7c321ad0209116c5b2f56abbdb8d765a904c

  • SHA256

    448a60e209bb9384937c4673d396f8e6057eaa0c3c7789021206f42a96e01594

  • SHA512

    fad814a135c3760137169037b14cfdfbbb4a90ba0b19686f6b22aa0d3c5d980626d741151fae578c0c61fcb57c7cb1156b35b8bd8f8b9b1086a789cb9c5c1ffa

  • SSDEEP

    3072:gxYPEGM/dYloBTGqeu7sIbBunWsMOrssssss9MqkoVwtCJXeex7rrIRZK8K8/kv:iYPEGM/tleu5bB2Ws/ssssss9/koVwty

Targets

    • Target

      NEAS.bd75981b96d46bb2cd3b3d335a8854e0_JC.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
