Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Backdoor.Win32.Berbew-e129a563de6e1cdf4534bf798b0639819cea28aa20e9c063dfa39dbd697c299fN
-
Size
49KB
-
Sample
240916-tc2xvswdnb
-
MD5
0b9f8181609cb4a74b47347175cdb7f0
-
SHA1
e297303cc644bd56a62fa395168d4008ae7690ba
-
SHA256
e129a563de6e1cdf4534bf798b0639819cea28aa20e9c063dfa39dbd697c299f
-
SHA512
5c2a0163ee467112c19fe9798a8d472bcb9d7a8fead4fc3e1d633f709a79e50d95e4be444bbe300ad30be6c211b55bec554c5e9bee69faedb2d59252d8a6f9f2
-
SSDEEP
768:EqeibVwwNrCOEnxpxd4xMXLoBFb2w/g6gBO0hS/1H50Ll2Xdnh7:Eqe8FcPxd4KXwgBO02Vl
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
Backdoor.Win32.Berbew-e129a563de6e1cdf4534bf798b0639819cea28aa20e9c063dfa39dbd697c299fN
-
Size
49KB
-
MD5
0b9f8181609cb4a74b47347175cdb7f0
-
SHA1
e297303cc644bd56a62fa395168d4008ae7690ba
-
SHA256
e129a563de6e1cdf4534bf798b0639819cea28aa20e9c063dfa39dbd697c299f
-
SHA512
5c2a0163ee467112c19fe9798a8d472bcb9d7a8fead4fc3e1d633f709a79e50d95e4be444bbe300ad30be6c211b55bec554c5e9bee69faedb2d59252d8a6f9f2
-
SSDEEP
768:EqeibVwwNrCOEnxpxd4xMXLoBFb2w/g6gBO0hS/1H50Ll2Xdnh7:Eqe8FcPxd4KXwgBO02Vl
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-