Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Backdoor.Win32.Berbeweae8e4b71e8cbdeb572ab78fc970400ee81a3d12a5c9d2845435683651424d4cN
-
Size
49KB
-
Sample
240916-tltb3sxaql
-
MD5
7c3d8bac91ed166108701fc700424240
-
SHA1
877769594071bf93f405f4b7ac968c7da1524565
-
SHA256
eae8e4b71e8cbdeb572ab78fc970400ee81a3d12a5c9d2845435683651424d4c
-
SHA512
4c372b45c5a03884b1a46829db4384b355453a891a96858b8bf66d7f46a5700a5951574e1050cdb4923b1ff6e0d9d5023822a22d40767e2b8f3227ccfebd9c4e
-
SSDEEP
768:EbKYQ4t/Z6b7YaqM6gM73tNRqAr91mXfwgh384Zv/1H5e2Xdnh7:ElZ6b77qeCx98he4ZBNl
Static task
static1
Behavioral task
behavioral1
Sample
Backdoor.Win32.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Backdoor.Win32.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
berbew
http://tat-neftbank.ru/kkq.php
http://tat-neftbank.ru/wcmd.htm
Targets
-
-
Target
Backdoor.Win32.Berbeweae8e4b71e8cbdeb572ab78fc970400ee81a3d12a5c9d2845435683651424d4cN
-
Size
49KB
-
MD5
7c3d8bac91ed166108701fc700424240
-
SHA1
877769594071bf93f405f4b7ac968c7da1524565
-
SHA256
eae8e4b71e8cbdeb572ab78fc970400ee81a3d12a5c9d2845435683651424d4c
-
SHA512
4c372b45c5a03884b1a46829db4384b355453a891a96858b8bf66d7f46a5700a5951574e1050cdb4923b1ff6e0d9d5023822a22d40767e2b8f3227ccfebd9c4e
-
SSDEEP
768:EbKYQ4t/Z6b7YaqM6gM73tNRqAr91mXfwgh384Zv/1H5e2Xdnh7:ElZ6b77qeCx98he4ZBNl
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-