General

  • Target

    NEAS.32d4cbad8bdc31fc8a8f7ef8c994b3eb.exe

  • Size

    357KB

  • Sample

    231114-ljzgbabb45

  • MD5

    32d4cbad8bdc31fc8a8f7ef8c994b3eb

  • SHA1

    1d092159ae9d943238c46494244e967d355ae123

  • SHA256

    5923785828cc57265b9d9f591bb26844d25b094788f607746ec5652bab8f9df4

  • SHA512

    b6c85791c9aff23ddbd859361549df583240ddd5a224f6d6813e55703410170d7af238e4ae0bd8dd6fb068851b735f7d20e9d7b1fc8b0a1c89936691886d7a79

  • SSDEEP

    6144:eSNP1Md3Xhr1n6xJmPMwZoXpKtCe8AUReheFlfSZR0SvsuFrGoyeg3kl+fiXFOFC:eWSdTZoXpKtCe1eehil6ZR5ZrQeg3klx

Targets

    • Target

      NEAS.32d4cbad8bdc31fc8a8f7ef8c994b3eb.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
