General

  • Target

    b1c5ff5ce610625ad40464e11335d850_NeikiAnalytics.exe

  • Size

    256KB

  • Sample

    240520-fhatnsdb4w

  • MD5

    b1c5ff5ce610625ad40464e11335d850

  • SHA1

    7e3cbc7338859f8d2bcbde67cef783a1cb8c7a39

  • SHA256

    5ea900b9232ac3d1d41a453643612483c151bdc83d785ec2bdf50a6e0fb627cc

  • SHA512

    0329fad94b6291d9529dbafdfdfec325cf3fbbed71aa89aa0a4634d9a24be6ffecb20f0a27c1ccd3c0ea5bf771e8bff712ed58cf0c7da7427c921b915777adf7

  • SSDEEP

    6144:nSNjf0+WvligYsKWcjlpmmxieQbWGRdA6sQc/Yp7TVX3J/1awbWGRdA6sQc/YRU:nSNAbYKalpJxifbWGRdA6sQhPbWGRdAT

Targets

    • Target

      b1c5ff5ce610625ad40464e11335d850_NeikiAnalytics.exe

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
