General

  • Target

    c96a2f0714b8a96cb0f3a8debf74ded0.exe

  • Size

    75KB

  • Sample

    231126-ydr69sca52

  • MD5

    c96a2f0714b8a96cb0f3a8debf74ded0

  • SHA1

    212dedec91adec3727df5d5b12aadc4431a52ccc

  • SHA256

    3a13cfb2acc0c556f557dd015465dcbd2ba0de80345d177b51de700344eb2b02

  • SHA512

    1fa1ebace1ae234180771a0262803b147af531c10b079435440ec992f7b1e31f323b84329d4f72515f1919d8fa48c67a63e74f9b7313f681b5f4557936048503

  • SSDEEP

    1536:niliDO4HuxHlToVn/Ndl/RRQeyy4LO53q52IrFH:iliDduIRTRLGg3qv

Targets

    • Target

      c96a2f0714b8a96cb0f3a8debf74ded0.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Backdoor - Berbew

      Berbew is a malware infection classified as a 'backdoor' Trojan. This malicious program's primary function is to cause chain infections - it can download/install additional malware such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
