General

  • Target

    NEAS.15b2eceebc157765e90c91c4aad2ea50.exe

  • Size

    483KB

  • Sample

    231117-yjj3vaee9z

  • MD5

    15b2eceebc157765e90c91c4aad2ea50

  • SHA1

    b593387e14cac31eab4b09714566770a5d19e20e

  • SHA256

    6f66bcef426d2ab547d93af7f1103f24d767e944b69e7a2180e755180b9d3846

  • SHA512

    47a71e5782b42919c8432d4305c96763c63780d5268282b4efef0505c636e19697621f3c39e03040bc87106dd9e32d503769393fc1f7f564e20c0089231cdd4e

  • SSDEEP

    12288:IbtY5vARMSG0dhvARM/3ARMSG0dhvARMoHG:IbtY5wdhcdhMHG

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
