General

  • Target

    NEAS.0ade5fbebdf5b7bc170f2d7191e021b0.exe

  • Size

    401KB

  • Sample

    231103-n9vxxscc69

  • MD5

    0ade5fbebdf5b7bc170f2d7191e021b0

  • SHA1

    c288acf94e5512055093c22169a8958ea73a3ccd

  • SHA256

    82b60c2beea8011496597c997fb3109992ebbe78402eaea0ca5a5548457be9c3

  • SHA512

    f377bd4789e1a2468b5f0d334c53efb3d1e94af21f1286890003d062c3b22f593d248232216dc98dd4e7962663f2680a9ab21095735a0d5bea4f15cb879a13ce

  • SSDEEP

    6144:QdEDEH8noS2Endpui6yYPaIGckfru5xyDpui6yYPaIGckSU05836PGyA7:QdeZnNBndpV6yYP4rbpV6yYPg058KrY

Targets

    • Target

      NEAS.0ade5fbebdf5b7bc170f2d7191e021b0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
