General

  • Target

    NEAS.efc532b8fa0b7a9643ccbba003eb55d8.exe

  • Size

    123KB

  • Sample

    231107-q9lqcsfg4z

  • MD5

    efc532b8fa0b7a9643ccbba003eb55d8

  • SHA1

    129763db9d6bb41d2ad21fa509527da1f85dc24c

  • SHA256

    0ee17c1c5d31694a9c7af4970a7a3db2bfa0d7bac90b3a5336c0ee9fa9815336

  • SHA512

    c090e88aa3de86468eee5d93ae0c7d709c498ae69ee3c05a38c25e6891ab62eb0fbef8bc2cb0aa48d1ea97a7887f1e8ab99bc01bf50730ea52bb22006b3291a4

  • SSDEEP

    1536:yTaUUWTamKJG1CGrh/sVuJ3mq1znNFUfoCLCIRYSw1mir8CAjXoiDEuGg0opGCRe:oUECJUr13vUv7RYSa9rR85DEn5k7r8

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
