General

  • Target

    bc9b6d774ddb081f8483a0fed2ea3660_NEIKI

  • Size

    109KB

  • Sample

    240508-qgkmlaec7s

  • MD5

    bc9b6d774ddb081f8483a0fed2ea3660

  • SHA1

    8a7e9d03560ea53261001f5b74e71885ed0252eb

  • SHA256

    53d96c114b1a221b68c7dba97c682d82057ae5c235c0fbddec2a04f477d924cf

  • SHA512

    3798fe9b94354da9c7be004fb9529ee404137009d2afa4abd85c2541783edbd33faf8d9eddb459aa84471b21945f3397f313e295b5013ba47bb95e9b4510cd45

  • SSDEEP

    3072:5rSVGklC7R/d7J92DLCqwzBu1DjHLMVDqqkSpR:5rSVLCdJJ9Uwtu1DjrFqhz

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
