General

  • Target

    NEAS.fbc7b4e252590a34ba09ec1e300fbd10.exe

  • Size

    398KB

  • Sample

    231111-xaftdsah41

  • MD5

    fbc7b4e252590a34ba09ec1e300fbd10

  • SHA1

    95a77e81e3a01767e94b50a9b33da38febfaf5da

  • SHA256

    06ac3d26fdec77e6f83c645fc8864ee55cb31b89c444be15e8e734473a7bf1ff

  • SHA512

    576de99a8fdb0c2ae2879420354f5ca3940df7390fb83bae97e54aad66bb07711131f4bf48ee36c7df135d2cf0716a447c27df4ff6bc6b6ba9df213c990808f2

  • SSDEEP

    12288:VqTH4K6t3XGCByvNv54B9f01ZmHByvNv5imipWf0Aq:VRK6t3XGpvr4B9f01ZmQvrimipWf0Aq

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
