General

  • Target

    NEAS.851fe2698229b85fbc2ac6325924eba0.exe

  • Size

    483KB

  • Sample

    231113-dn56nagc5s

  • MD5

    851fe2698229b85fbc2ac6325924eba0

  • SHA1

    e17a9cb02489a77ee2e5a073bdce7d336f95cde8

  • SHA256

    c33959c8d6bc46779652a3e28ac981e18b39df02606698c8fd59c09cbc86dc5a

  • SHA512

    15de71f36ced3c5625ddda1b0e458809463316971cb1125bb9fe0062f9c9aee4bb040c652de284db595fc0c651a56b81696af57ae3c612ac6bccd00583cbb626

  • SSDEEP

    12288:YBvtY5vARMSG0dhvARM/3ARMSG0dhvARMoHG:YdtY5wdhcdhMHG

Targets

    • Target

      NEAS.851fe2698229b85fbc2ac6325924eba0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
