General

  • Target

    bad8db2ea4351365f750e0b1b8da1460_NEAS

  • Size

    362KB

  • Sample

    240507-r1hg1seb32

  • MD5

    bad8db2ea4351365f750e0b1b8da1460

  • SHA1

    25ad66692840b134eeed3a71175e22b9a0e5484b

  • SHA256

    3f77efe05991059e33fa8bf987df69f1766a40cb83784a876eacfd09d6457544

  • SHA512

    c42677f5509a032c352ecb79b0dc1c148704dbb5ed9eef0e26f2ae510a175c8869560a22f34af8d76d5d317bf2844199e3a9602817cee6b84a3bca0d7e94ffb3

  • SSDEEP

    6144:Swy84qcnhDBhtGDuMEUrQVad7nG3mbDp2o+SsmiMyhtHEyr5psPc1aj8DOvlvuZn:y8ihPtmuMtrQ07nGWxWSsmiMyh95r5Oa

Targets

    • Target

      bad8db2ea4351365f750e0b1b8da1460_NEAS

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
