General

  • Target

    NEAS.fa232e1bf03371f613ffbc83a4fb9070.exe

  • Size

    109KB

  • Sample

    231115-khhlqsfa86

  • MD5

    fa232e1bf03371f613ffbc83a4fb9070

  • SHA1

    b23275290ff221d00dcc2c8cf2bdaea62084d1ae

  • SHA256

    9af16b5bf349fcc06aa012059c00194e2af7753064f11c75fa533810bd0b57c5

  • SHA512

    01e291b20358bb88f01a27fb54969268b245bdd1794826dd04cedd0b23e4d99d3111109f203b2f1496bfd11a9c73b5fa64395ecb073612ca65cb6dc1dbd6904e

  • SSDEEP

    3072:x+ihUyGvJv/NJNxgaT5zJ9cLCqwzBu1DjHLMVDqqkSpR:x+iJ4JHNbxhJ9kwtu1DjrFqhz

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
