General

  • Target

    NEAS.2c8d4e577058e87ff8275b24387356a0.exe

  • Size

    352KB

  • Sample

    231112-lhnneseg98

  • MD5

    2c8d4e577058e87ff8275b24387356a0

  • SHA1

    ba7dcf5bec687b935546fede907d0d2c03bca99a

  • SHA256

    deb312067fd9bee453cbd984091fc87bad276c008924a495725d0f572e9b5516

  • SHA512

    f5176aaae087a6b51b5199e8aaa234f42c2efd893cdd5538bbfa98f8af9513e8fe9de880a64cc58a3a2bdaa6806473f9125e0412b9592e1531142866de43a0d0

  • SSDEEP

    6144:pYFoSUDxyFkhKSZI4zLVSVp3ys9ceiItgAv:aeJVWcKSZhnVep3ys37tgAv

Malware Config

Targets

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
