General

  • Target

    NEAS.09c364dbc836a0571891b22f168f84b7.exe

  • Size

    483KB

  • Sample

    231117-v2bmmsbg42

  • MD5

    09c364dbc836a0571891b22f168f84b7

  • SHA1

    21fcdb33c2d1390b9c01aa9213d3db495b7b4a79

  • SHA256

    3a579c7c714574eae461fd2e2802874cfb4a6460954628f164623d6c74b98fe0

  • SHA512

    710ee7908ee381d916f6ff0d7cdb3fb8cc514a622142ea0e0f5edc1a044b699aae0a0119c4b21823f686293379a5697293de3cc01ae5e1b247bfe07e2272c317

  • SSDEEP

    12288:jr6Be/xSttY5vARMSG0dhvARM/3ARMSG0dhvARMoHG:aBqSttY5wdhcdhMHG

Targets

    • Target

      NEAS.09c364dbc836a0571891b22f168f84b7.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
