Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.e6c35f475440120549afce831d9d108d.exe

  • Size

    135KB

  • Sample

    231117-tj8nzsbg8x

  • MD5

    e6c35f475440120549afce831d9d108d

  • SHA1

    21844dcee73635d53f277b2c2967836d72276753

  • SHA256

    80179b2c0d3a30112c5483ce42e5c571b6a9469a5f4a4f259e148bce1d33f8eb

  • SHA512

    0810e8a3559bd7210a9e646208a99fe0a96bfc6575006419f19a43b12cd6a1810b60f5f2a2a908b87bae5165ca7a8d0e0837e0fddf5c609ee1ab768d2e1b43ab

  • SSDEEP

    3072:mPSqtZllzSjdTWK8Qr5+ViKGe7Yfs0a0Uoi:m6q7mTWK9cViK4fs0l

Malware Config

Targets

    • Target

      NEAS.e6c35f475440120549afce831d9d108d.exe

    • Size

      135KB

    • MD5

      e6c35f475440120549afce831d9d108d

    • SHA1

      21844dcee73635d53f277b2c2967836d72276753

    • SHA256

      80179b2c0d3a30112c5483ce42e5c571b6a9469a5f4a4f259e148bce1d33f8eb

    • SHA512

      0810e8a3559bd7210a9e646208a99fe0a96bfc6575006419f19a43b12cd6a1810b60f5f2a2a908b87bae5165ca7a8d0e0837e0fddf5c609ee1ab768d2e1b43ab

    • SSDEEP

      3072:mPSqtZllzSjdTWK8Qr5+ViKGe7Yfs0a0Uoi:m6q7mTWK9cViK4fs0l

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks