Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a194397b0bc9775c0ec35bbda91b8d84a616c1e3e187cbd4142e187d686b64a7N
-
Size
304KB
-
Sample
241003-kgpcwsxfrb
-
MD5
c4601a0f6319ed1183440d1187a0aa90
-
SHA1
82d5e9fa2f306b9b5d4879d4809202559b1e530f
-
SHA256
a194397b0bc9775c0ec35bbda91b8d84a616c1e3e187cbd4142e187d686b64a7
-
SHA512
7c5d98066d70fa8b56e796d4dba52d5be7adc1bd17c0dac2810a1487259a5017c09157426ace7f040450d63882a094fa1c8d7a06004b93725a14066ee37446ad
-
SSDEEP
3072:g+J/Q7PifW2KbmPI3wibemejz+k5rD0LZSnulc0VP7SnHjg:nNQ7PivKbmoimEKIrD0Lu
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
a194397b0bc9775c0ec35bbda91b8d84a616c1e3e187cbd4142e187d686b64a7N
-
Size
304KB
-
MD5
c4601a0f6319ed1183440d1187a0aa90
-
SHA1
82d5e9fa2f306b9b5d4879d4809202559b1e530f
-
SHA256
a194397b0bc9775c0ec35bbda91b8d84a616c1e3e187cbd4142e187d686b64a7
-
SHA512
7c5d98066d70fa8b56e796d4dba52d5be7adc1bd17c0dac2810a1487259a5017c09157426ace7f040450d63882a094fa1c8d7a06004b93725a14066ee37446ad
-
SSDEEP
3072:g+J/Q7PifW2KbmPI3wibemejz+k5rD0LZSnulc0VP7SnHjg:nNQ7PivKbmoimEKIrD0Lu
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew
Berbew is a backdoor written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-