General

  • Target

    TrojanDownloader.Win32.Berbew.pz-f24a299a1a2fe7eee728b6111ff1bf7f93d82f1b84c32a7fa0e54eb36ada51d8N

  • Size

    59KB

  • Sample

    240916-tnm8vaxamd

  • MD5

    4f316d54979b83864e806ff9033eac00

  • SHA1

    6c55fa5f51ee8666711c227810f879a38188798a

  • SHA256

    f24a299a1a2fe7eee728b6111ff1bf7f93d82f1b84c32a7fa0e54eb36ada51d8

  • SHA512

    0bb4dde41880683f7743953bb39008236d001e4df0391e15d20a4f93dadba67c984ae4b72b46bb7188895e6a671ee726f15629b9d85866418566372588df175a

  • SSDEEP

    1536:AJldGg8o+X6m0TutG1RL0TY+ABQDNCyVso:SldGEcQTwG1mY+ABQkeso

Malware Config

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Berbew

      Berbew is a backdoor written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks