General

  • Target

    NEAS.d8ab61ba7c50b5d0a1957a0a35466dd0.exe

  • Size

    125KB

  • Sample

    231115-jb41qaec52

  • MD5

    d8ab61ba7c50b5d0a1957a0a35466dd0

  • SHA1

    44c8a5b50fd4899134e8c6127a9d1ff15c26466a

  • SHA256

    f441e6bb12a17d2ef68609cc9bfe5e563230e4f7fa19d6366ef664f9ffe56dde

  • SHA512

    b2fd62eab3aa7bab699c3669176fec82e6d5961d4b6dd22d86816051460d25daf62ea3976c7b51cc1c9fe4291523db0b1806c01e663040c8848a800154b823be

  • SSDEEP

    3072:kVYMUOhj3qix+W1cf1WdTCn93OGey/ZhJakrPF:kVZvhT+W1cQTCndOGeKTaG

Targets

    • Target

      NEAS.d8ab61ba7c50b5d0a1957a0a35466dd0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
