General

  • Target

    715862d0ca414ffcf39548b83a34a840_NEIKI

  • Size

    128KB

  • Sample

    240508-m1rcpsgh8t

  • MD5

    715862d0ca414ffcf39548b83a34a840

  • SHA1

    b34d4257e5e52f6a086d8e8cea52c2faac2b9d17

  • SHA256

    e53bcded470cc127f7f97839fce16d237a5345c368d17220e0d885f2a829d7de

  • SHA512

    64d1213230380594b891926ba0c8a5e154e20f3ab1a1e5f3fc010c537dc37ca8355ce993be9044d141f661d05cad0aa4712b60fe64b0112e6efaf147a18f8cfd

  • SSDEEP

    3072:HTNdXq1DwS5kdLKTWVmQTqeDP5wkpHxG:HDXq2RdtCCA

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
