General

  • Target

    NEAS.c73113c983a1ac9ec0243868ad7c3d30.exe

  • Size

    125KB

  • Sample

    231105-yjxzpsbd6s

  • MD5

    c73113c983a1ac9ec0243868ad7c3d30

  • SHA1

    e0471b1a1f7ccd69782779e7916060b6baae880a

  • SHA256

    ab8ff210ef59ddd333b6f1c1af633a7959c09c597aca2e2d59fcd5692e9fbfb8

  • SHA512

    0c0b86d4f0f0705f658e1845c7433288d29339c589a9740dfa26768851cd3741b1b1c80ff10c8ec2cc42b14f61efd0490134ea21536da60d5e99d2655f38b84b

  • SSDEEP

    3072:W/Uw4sznDQ9CdcNVjBb+ct1WdTCn93OGey/ZhJakrPF:W/f4cDsCdcNL+cOTCndOGeKTaG

Targets

    • Target

      NEAS.c73113c983a1ac9ec0243868ad7c3d30.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
