General

  • Target

    NEAS.ddee1b7eb824230dc4c7f244b9a8b820.exe

  • Size

    386KB

  • Sample

    231102-vcvzzsbe2s

  • MD5

    ddee1b7eb824230dc4c7f244b9a8b820

  • SHA1

    89ccf62f40adce258e9057472553de7fc810c3b3

  • SHA256

    59de69cf530e8042c7aabb85f6cd32d9ddba0a4533dd951e809fc56176a63cb1

  • SHA512

    a4fceb95c489ddefc7b128e73a17b395222e3062046fd3d487dc3cb4c4dcb567e36c0c1d9ccac2a55c9cd94bbc086bf4ecdca634f430634e62d83f0fef14fd9e

  • SSDEEP

    12288:dTZF4rCZYE6YYBHpd0uD319ZvSntnhp352SCdL:arCyE6YYBHpd0uD319ZvSntnhp352SCB

Targets

    • Target

      NEAS.ddee1b7eb824230dc4c7f244b9a8b820.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
