Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69
-
Size
448KB
-
Sample
241208-zd4ezatpcs
-
MD5
a2f013ddcd10765120b069b9ed3f8c4e
-
SHA1
2900113a787e6accf2c3131bfa3af9f4080dd718
-
SHA256
209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69
-
SHA512
b93a4f5bb7eff6b792fc5273ff7d9af819b5bc961fa2f2010550f2ad5a22014729b3de711a69174ce0f9518c353d12e56b599d7b7229e7f0ba9cda854e1431d1
-
SSDEEP
6144:Z3o+Rzto18SeNpgdyuH1lZfRo0V8JcgE+ezpg1xrloH:Z3n5s87g7/VycgE81li
Behavioral task
behavioral1
Sample
209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
berbew
http://viruslist.com/wcmd.txt
http://viruslist.com/ppslog.php
http://viruslist.com/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d
Targets
-
-
Target
209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69
-
Size
448KB
-
MD5
a2f013ddcd10765120b069b9ed3f8c4e
-
SHA1
2900113a787e6accf2c3131bfa3af9f4080dd718
-
SHA256
209c8e3aae1029be0bc28e021360a533e8c7a244e19bd29bc1175ba84829fd69
-
SHA512
b93a4f5bb7eff6b792fc5273ff7d9af819b5bc961fa2f2010550f2ad5a22014729b3de711a69174ce0f9518c353d12e56b599d7b7229e7f0ba9cda854e1431d1
-
SSDEEP
6144:Z3o+Rzto18SeNpgdyuH1lZfRo0V8JcgE+ezpg1xrloH:Z3n5s87g7/VycgE81li
Score10/10-
Adds autorun key to be loaded by Explorer.exe on startup
-
Berbew family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-