Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

745ee245e7...eN.exe

windows7-x64

10

745ee245e7...eN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    745ee245e75459c3b651f076397638fa3215d3d0aec984738fde7a0dba54d7deN.exe

  • Size

    163KB

  • MD5

    d689b2174aea0c0d96986eb688e6e3b0

  • SHA1

    8fc89e52208af400533f5995615c363d421d8f15

  • SHA256

    745ee245e75459c3b651f076397638fa3215d3d0aec984738fde7a0dba54d7de

  • SHA512

    24cc6aabcbec10900cb609768f5942938fda582e08eee65fb340f271f182f96f287e9134f9e302f6820f84df1e25c9867156a1db69d9bcc882f681144bcfdd03

  • SSDEEP

    1536:PXgUrzUzO2dq9LJeD0NT0DuPnX+cfC3Z7lProNVU4qNVUrk/9QbfBr+7GwKrPAso:oezUasqzT0GX+c63Z7ltOrWKDBr+yJbg

Score
10/10
berbew

Malware Config

Extracted

Family

berbew

C2

http://crutop.nu/index.php

http://devx.nm.ru/index.php

http://ros-neftbank.ru/index.php

http://master-x.com/index.php

http://www.redline.ru/index.php

http://cvv.ru/index.php

http://hackers.lv/index.php

http://fethard.biz/index.php

http://crutop.ru/index.php

http://kaspersky.ru/index.php

http://color-bank.ru/index.php

http://adult-empire.com/index.php

http://virus-list.com/index.php

http://trojan.ru/index.php

http://xware.cjb.net/index.htm

http://konfiskat.org/index.htm

http://parex-bank.ru/index.htm

http://fethard.biz/index.htm

http://ldark.nm.ru/index.htm

http://gaz-prom.ru/index.htm

Signatures

  • Berbew family
    berbew
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 745ee245e75459c3b651f076397638fa3215d3d0aec984738fde7a0dba54d7deN.exe
    .exe windows:1 windows x86 arch:x86

    c2a87fabf96470db507b2e6b43bd92eb


    Headers

    Imports

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.