General

  • Target

    ba0398f03ef11985cd2605e6e3d22080_NeikiAnalytics

  • Size

    362KB

  • Sample

    240516-h2552aaa27

  • MD5

    ba0398f03ef11985cd2605e6e3d22080

  • SHA1

    b85bec9a5b8740130593b1dd25e9b0de67d3e12c

  • SHA256

    9f2f5b2226862ac976566db399a6db350272168c690f8952ee810593204c7594

  • SHA512

    ea6150ffffc0b36028b5cedc5c169416602a890238d45ae9c7780d0443d4e4008dbdf400968d8fa3fb10d76ba8afa94943a94af92ee9136b16aecc203972bf92

  • SSDEEP

    6144:kieMP9SfmvuOm4tGDuMEUrQVad7nG3mbDp2o+SsmiMyhtHEyr5psPc1aj8DOvlvY:ki1li6tmuMtrQ07nGWxWSsmiMyh95r5z

Targets

    • Target

      ba0398f03ef11985cd2605e6e3d22080_NeikiAnalytics

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
