Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    bf4b816cd75d4e727a45c738d053a6b0_NEIKI

  • Size

    329KB

  • Sample

    240509-bzfc9sbb5v

  • MD5

    bf4b816cd75d4e727a45c738d053a6b0

  • SHA1

    50b329603b1664896a286be73ecf0efa33ed1b95

  • SHA256

    ca59190b3113b1faa1f40b06e74b1d3e3eda8b984a9c38410bd8095b7cbb8c80

  • SHA512

    31dc5fdb01042ad331b620b857e045055cedbab289b5a1ff3b3511d0f14df37ab751cea04db42ace59dc83d7c704854df18e4e0c28f2acfddcaa5c376b7ad1ee

  • SSDEEP

    6144:GBSqbws+H3Lb+Qw/WYgFIgsh0KXoQr8jTQjewInBIE1+J3RzAHV+EueR2F:GBSj7LKQweY0sam38vZwIBIE1+J3pQtI

Malware Config

Targets

    • Target

      bf4b816cd75d4e727a45c738d053a6b0_NEIKI

    • Size

      329KB

    • MD5

      bf4b816cd75d4e727a45c738d053a6b0

    • SHA1

      50b329603b1664896a286be73ecf0efa33ed1b95

    • SHA256

      ca59190b3113b1faa1f40b06e74b1d3e3eda8b984a9c38410bd8095b7cbb8c80

    • SHA512

      31dc5fdb01042ad331b620b857e045055cedbab289b5a1ff3b3511d0f14df37ab751cea04db42ace59dc83d7c704854df18e4e0c28f2acfddcaa5c376b7ad1ee

    • SSDEEP

      6144:GBSqbws+H3Lb+Qw/WYgFIgsh0KXoQr8jTQjewInBIE1+J3RzAHV+EueR2F:GBSj7LKQweY0sam38vZwIBIE1+J3pQtI

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks