Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

51a84a5b89...26.exe

windows7-x64

10

51a84a5b89...26.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    51a84a5b89ad1c8348807f9995d1cb26e299b26193fd615768e00c7248532526.exe

  • Size

    163KB

  • MD5

    26d98fca1c2206449b31003ec941195d

  • SHA1

    191d819ec8c4d525e353d2cdcd555d4b2ff5d8e8

  • SHA256

    51a84a5b89ad1c8348807f9995d1cb26e299b26193fd615768e00c7248532526

  • SHA512

    3e9053d6bdbe301147fe8c43aad1f0ecc0d13350ea3a24cb378c8aa5a44954dda5dd1d36a4aa8ef792592f10692fa605d6946b28ac307584d9144fe3c7a4aaa2

  • SSDEEP

    1536:PAz/5bT7ljju+m9sraG2H5VgifRfmQt1d0fyyN4lProNVU4qNVUrk/9QbfBr+7GC:4zRbXlfu+mulu0f9N4ltOrWKDBr+yJbQ

Score
10/10
berbew

Malware Config

Extracted

Family

berbew

C2

http://crutop.nu/index.php

http://devx.nm.ru/index.php

http://ros-neftbank.ru/index.php

http://master-x.com/index.php

http://www.redline.ru/index.php

http://cvv.ru/index.php

http://hackers.lv/index.php

http://fethard.biz/index.php

http://crutop.ru/index.php

http://kaspersky.ru/index.php

http://color-bank.ru/index.php

http://adult-empire.com/index.php

http://virus-list.com/index.php

http://trojan.ru/index.php

http://xware.cjb.net/index.htm

http://konfiskat.org/index.htm

http://parex-bank.ru/index.htm

http://fethard.biz/index.htm

http://ldark.nm.ru/index.htm

http://gaz-prom.ru/index.htm

Signatures

  • Berbew family
    berbew
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 51a84a5b89ad1c8348807f9995d1cb26e299b26193fd615768e00c7248532526.exe
    .exe windows:1 windows x86 arch:x86

    c2a87fabf96470db507b2e6b43bd92eb


    Headers

    Imports

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.