Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

434364667d...3f.exe

windows7-x64

10

434364667d...3f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    434364667d60b7ac3a4a1023c5f116c1e93443df0c89ae4bb1e0dd3560cc723f

  • Size

    512KB

  • Sample

    241017-z11btszcnr

  • MD5

    a002565cc81b96dfbf799a9eab8f30d2

  • SHA1

    b7b9f4304fab4c916a3223bd1d4c8b069baa443e

  • SHA256

    434364667d60b7ac3a4a1023c5f116c1e93443df0c89ae4bb1e0dd3560cc723f

  • SHA512

    4bcbe2feb55ad13d7a0af633c8b3ca055b1e0252c4612d022112a454201b71e1637822bd76d186ebcd8cc944c6781285e92a30583c80c4c24b9fb54cfc7e2e14

  • SSDEEP

    6144:trpys4UUZ55tTDUZNSN58VU5tTO/ENURQPTlyl48pArv8kEVS1aHr:Di55t6NSN6G5t1sI5yl48pArv8o4L

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://tat-neftbank.ru/kkq.php

http://tat-neftbank.ru/wcmd.htm

Targets

    • Target

      434364667d60b7ac3a4a1023c5f116c1e93443df0c89ae4bb1e0dd3560cc723f

    • Size

      512KB

    • MD5

      a002565cc81b96dfbf799a9eab8f30d2

    • SHA1

      b7b9f4304fab4c916a3223bd1d4c8b069baa443e

    • SHA256

      434364667d60b7ac3a4a1023c5f116c1e93443df0c89ae4bb1e0dd3560cc723f

    • SHA512

      4bcbe2feb55ad13d7a0af633c8b3ca055b1e0252c4612d022112a454201b71e1637822bd76d186ebcd8cc944c6781285e92a30583c80c4c24b9fb54cfc7e2e14

    • SSDEEP

      6144:trpys4UUZ55tTDUZNSN58VU5tTO/ENURQPTlyl48pArv8kEVS1aHr:Di55t6NSN6G5t1sI5yl48pArv8o4L

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks