General

  • Target

    NEAS.67fe5b78dcebdf8cd1eb67e8c76ae130_JC.exe

  • Size

    240KB

  • Sample

    231105-dlv8nsaa9x

  • MD5

    67fe5b78dcebdf8cd1eb67e8c76ae130

  • SHA1

    fc7bc42b75f692baf790a18ef50c66bd488667c9

  • SHA256

    b4d3dd9700c10db8cdbdf2a8db0cde6b23a54b420490de60b783894ae2b57ede

  • SHA512

    25971bd6dd70272c697dac9d37c84b0cedbfdb3ebaddbdc5291d07685b853aaf83581249cf0e57045fb85d4de0f0765af0e410eef5fa8a4ba47bdefca74d2b04

  • SSDEEP

    3072:Y2/2dEOkHlhXRZZYrQmbAPgxed6BYudlNPMAvAURfE+Hxgu+tAcrbFAJc+RsUi18:SslFWMmbIyedZwlNPjLs+H8rtMs4

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
