General

  • Target

    b1bdf788d587e74808c34f12aae47c10_NeikiAnalytics.exe

  • Size

    356KB

  • Sample

    240520-fg9avace32

  • MD5

    b1bdf788d587e74808c34f12aae47c10

  • SHA1

    a3edeb2c7f95ca95ae2eb3e3816474fa755725ff

  • SHA256

    1a4ba8b67870366e94c0de4a860f6952545a6637e4205b1a1c937e64ddd8c62d

  • SHA512

    98ef6ecd030addd6c41680bdf31c9e0819e321aa2e6395ab5f317c6e77707a261e12d25bace5308da7e54e9b1fb0acd6928ee0c3080ce4cfc32356be1cc202fa

  • SSDEEP

    6144:DdVVSJhwR5qP2LdjKW5EQpui6yYPaIGckjh/xaSfBJKFbhD7sYQpui6yYPaIGckN:BVoJ+zqP2GQpV6yYPMLnfBJKFbhDwBpb

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
