General
Target: Backdoor.Win32.Berbew.pzdeb81dff646ac724735acb7f1f496f52c9c646d87db81208355225895e32dc72N
Size: 91KB
Sample: 240916-tcxcdawfjk
MD5: a588baee7fbb2652adabc9c8f89d0a60
SHA1: 584af0e20907b8a089ada4b988af1d6d1fa5e622
SHA256: deb81dff646ac724735acb7f1f496f52c9c646d87db81208355225895e32dc72
SHA512: d9902153113226061b24046319469fadc6cc6a60eebfb84a5599f556b27306fb9c064bdaadd32223b26645c4821855a4d1c17af7b312b5c218763d171d44b566
SSDEEP: 1536:LLI5OWtr1DFvYpbn9rm3Ijg2dG+eo1xC0GZFXUmSC2e3l:R6r1DFIOCg24ho1mtye3l
Static task: static1
Behavioral task: behavioral1
Sample: Backdoor.Win32.Berbew.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: Backdoor.Win32.Berbew.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
Target: Backdoor.Win32.Berbew.pzdeb81dff646ac724735acb7f1f496f52c9c646d87db81208355225895e32dc72N
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory