General

  • Target

    NEAS.129056b3cc5233fa9c5acd889e9f7e30_JC.exe

  • Size

    483KB

  • Sample

    231103-eqzx4abh5s

  • MD5

    129056b3cc5233fa9c5acd889e9f7e30

  • SHA1

    195938ef55afeb222465adc5009cb0e1cdda24a7

  • SHA256

    b45b84bcc48651de330d4019c59f430593151648794f118a543a534750c6b5de

  • SHA512

    7f09d74194f7530b106a6621fba8908aa473325c823e8b47f9217c7b5ae5df7c29beb261c3ba6717ebe81f25bf4543e8558bac3fc2759eb0510922844fc12453

  • SSDEEP

    12288:u6sutY5vARMSG0dhvARM/3ARMSG0dhvARMoHG:u+tY5wdhcdhMHG

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
