Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

NEAS.0b10f...d0.exe

windows7-x64

10

NEAS.0b10f...d0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.0b10f3a77d902cb81840d860cca604d0.exe

  • Size

    362KB

  • Sample

    231117-2mn3ragc5x

  • MD5

    0b10f3a77d902cb81840d860cca604d0

  • SHA1

    eaf9e4d40441940064092a6dc495f6f79f825c74

  • SHA256

    88d1868f354d9f401184d02868d9f130739783907dfc8b2e82ce3dcfbb19bfd4

  • SHA512

    6e306d51c12733fb2a45f6325f07cfb3f05a1edd29e061b09ff8e25df3fbbeaaac3ec359dc5d15ae2c35afb1b17896127fc92d31209c7ca2a78e268e2fddeb54

  • SSDEEP

    6144:/m0EcXNH+JX/gtGDuMEUrQVad7nG3mbDp2o+SsmiMyhtHEyr5psPc1aj8DOvlvuF:+0EcXGXotmuMtrQ07nGWxWSsmiMyh95V

Score
10/10
berbewdropperpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.0b10f3a77d902cb81840d860cca604d0.exe

    • Size

      362KB

    • MD5

      0b10f3a77d902cb81840d860cca604d0

    • SHA1

      eaf9e4d40441940064092a6dc495f6f79f825c74

    • SHA256

      88d1868f354d9f401184d02868d9f130739783907dfc8b2e82ce3dcfbb19bfd4

    • SHA512

      6e306d51c12733fb2a45f6325f07cfb3f05a1edd29e061b09ff8e25df3fbbeaaac3ec359dc5d15ae2c35afb1b17896127fc92d31209c7ca2a78e268e2fddeb54

    • SSDEEP

      6144:/m0EcXNH+JX/gtGDuMEUrQVad7nG3mbDp2o+SsmiMyhtHEyr5psPc1aj8DOvlvuF:+0EcXGXotmuMtrQ07nGWxWSsmiMyh95V

    Score
    10/10
    dropperpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

      persistencedroppertrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks