General

  • Target

    TrojanDownloader.Win32.Berbew.pz-b9adb604311c81cdf6aea869b1321ef0647041206bc4d19025eb3c7761895e05N

  • Size

    59KB

  • Sample

    240916-ta4cxawejr

  • MD5

    847cee90d1b5c5bac4eb294b4f59c230

  • SHA1

    579dc183483a5244275ca0dd24e92184d83b02a8

  • SHA256

    b9adb604311c81cdf6aea869b1321ef0647041206bc4d19025eb3c7761895e05

  • SHA512

    c6c42620023e8d7387ec1207db4051c879e2c1ab983836b161173ea0b168e323618b44c7174e17dfca19a60c45410d13110dfdd02ef86e6303467f1cb97d68e8

  • SSDEEP

    768:HNGYCvH02PHvbMlIhfvL/vj8g7DlzQ8QYRhpHzd+nfPrZ/1H5qe5nf1fZMEBFELE:HNGpvdzSmDTJl/QcpHzkfP3AiNCyVso

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Berbew

      Berbew is a backdoor written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks