General
-
Target
109c198bd603a0c4814e105dee9eb6a4317449815c18d53c7784233177cc9ecaN.exe
-
Size
800KB
-
Sample
241207-1153ra1rcn
-
MD5
f73d2c9c76fdf91bda1c3d8984e02190
-
SHA1
71b242785c40eca008c82563cae4c17889278140
-
SHA256
109c198bd603a0c4814e105dee9eb6a4317449815c18d53c7784233177cc9eca
-
SHA512
6056d4a36e5659bc14729b19c9c548670c7e1d046b6fde457a024827c1e24b7da406fda04bf7e7188eb4a2c7e11abcfff31c55d1d7322877cb0384b011959224
-
SSDEEP
6144:s9kTRoSc7ksQO+zrWnAdUO+zrWnAdqjeOpKfduBX2QO+zrWnAdqjsqwK:EeGT/+zrWAl+zrWAI5KFum/+zrWAIAqJ
Static task
static1
Behavioral task
behavioral1
Sample
109c198bd603a0c4814e105dee9eb6a4317449815c18d53c7784233177cc9ecaN.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
109c198bd603a0c4814e105dee9eb6a4317449815c18d53c7784233177cc9ecaN.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://f/wcmd.htm
http://f/ppslog.php
http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
109c198bd603a0c4814e105dee9eb6a4317449815c18d53c7784233177cc9ecaN.exe
-
Score
10/10
-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-