General

  • Target

    NEAS.483c4835444f6de8938a73c3e251fd67_JC.exe

  • Size

    143KB

  • Sample

    231105-sg4rksfh3t

  • MD5

    483c4835444f6de8938a73c3e251fd67

  • SHA1

    dfcdeea993dd551104baa37a559a03c553a3d6d2

  • SHA256

    91c03d2124f0f12fd5ccd7346202a8900b71f443a12506b523eaf57740661b97

  • SHA512

    af6eb4734a2bbb8f9a214419c0a7e54bc117305a66d43d8d5c2720b864e1ba9d34ee36c840e18ff2c22e3a9986a99a50d8176877164ad5fc88b20cf73c3ed2d6

  • SSDEEP

    3072:DjaRydq0QiXcRAIB8rcevpxNgmFO1gdd8jH:HyEqxtRd8rzNtF0b

Targets

    • Target

      NEAS.483c4835444f6de8938a73c3e251fd67_JC.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
