General

  • Target

    NEAS.1e5dc485a5759d352c5a69efcf2f22e0.exe

  • Size

    347KB

  • Sample

    231117-wmk37sdc3z

  • MD5

    1e5dc485a5759d352c5a69efcf2f22e0

  • SHA1

    ae9b0848fc14c3528e22421af19010af52e0914f

  • SHA256

    d79d3260d03824aeaf2532dce5ff6ed827f295f473ab74f9000889fc9c9a21fb

  • SHA512

    45119ca321b978ca5ad12811063e852cb61d35779f59a0c2763fc43d36310e4917953f9e580b762b49508fe0f0704446ea3543d6d34df005c6a9bbb2c0690593

  • SSDEEP

    6144:6ThkD+uk0eML5ix4brq2Ah1FM6234lKm3mo8Yvi4KsLTFM6234lKm3qk9:6Thkauk0eMcx4brRGFB24lwR45FB24ld

Targets

    • Target

      NEAS.1e5dc485a5759d352c5a69efcf2f22e0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
