General

  • Target

    NEAS.bc9e191b71e3e67287ef62e9ad0637e0.exe

  • Size

    176KB

  • Sample

    231111-vlx6psaa5s

  • MD5

    bc9e191b71e3e67287ef62e9ad0637e0

  • SHA1

    de82494c706cc1e0c7aeae5252cb45bd4078c56e

  • SHA256

    8e0036a377f40c65e22563594d03dff4305332c5b5e8e62eb98f646aa9e22d7f

  • SHA512

    9ffc4f246501bf15dbfe75d8822aa917750d8ccaa6c9d45d5d36564d082f573b368fd559d0257b5f94e4607b29a252612e8348f6e642b08ff61bda8659a276c7

  • SSDEEP

    3072:NTnYjuHnOUjmOiBn3w8BdTj2h33ppaS46HUF2pMXSfN6RnQShl:NTnGen7jVu3w8BdTj2V3ppQ60MMCf0R3

Targets

    • Target

      NEAS.bc9e191b71e3e67287ef62e9ad0637e0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
