General

  • Target

    ecb9b33a23f053225b6447f148d44870_NeikiAnalytics.exe

  • Size

    447KB

  • Sample

    240517-pwlmrshg88

  • MD5

    ecb9b33a23f053225b6447f148d44870

  • SHA1

    c52164612b896fe8906d6224833574b77328fc2e

  • SHA256

    615336c214d0a92d455d9aeb62f813cbc036e8a9771c43c141dccbc7830729e2

  • SHA512

    64bf569fe20376ae83e36c2a58b75010c6eded79a2b5e8a2d367b8a8b175e6a0e1013a30bec2760bc7af25ea5ff65f3948f41af4eea4500f373ee62d4672cdf7

  • SSDEEP

    12288:QT6SZhP46SCTbSwgS1IaPRJbDh4i0vm4OsKN5sTuGZb:QThhP46SCTbSwgS1IaPRJbDh4i0vm4Om

Targets

    • Target

      ecb9b33a23f053225b6447f148d44870_NeikiAnalytics.exe

    • Score

      10/10

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
