Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

d3f5619093...47.exe

windows7-x64

10

d3f5619093...47.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d3f56190933dea74b65c9cb975344cc5cad2ccbdbea9978f7778c4169d8df347

  • Size

    95KB

  • Sample

    250305-mjkhtswpx6

  • MD5

    0e9a80ca65cd17ceaf4df6e4deb9a4b0

  • SHA1

    bf5cf5bc1ed38472d7ce9f2ec5146c45ab860d8c

  • SHA256

    d3f56190933dea74b65c9cb975344cc5cad2ccbdbea9978f7778c4169d8df347

  • SHA512

    6e4aee75397eb1eb28c8d4800d90d0f4fb8e9543dcefb65bf3d7264e2d20b873e4a1485e9bcdf6392c86eeeff68ac411e4fc88e95aaa3fefad14d5187abee97f

  • SSDEEP

    1536:xfJziVe31LUb0d6nhh9xtWHkg9axFnLEVNDekrOM6bOLXi8PmCofGw:LP5kzh7jyzALEve0DrLXfzoew

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      d3f56190933dea74b65c9cb975344cc5cad2ccbdbea9978f7778c4169d8df347

    • Size

      95KB

    • MD5

      0e9a80ca65cd17ceaf4df6e4deb9a4b0

    • SHA1

      bf5cf5bc1ed38472d7ce9f2ec5146c45ab860d8c

    • SHA256

      d3f56190933dea74b65c9cb975344cc5cad2ccbdbea9978f7778c4169d8df347

    • SHA512

      6e4aee75397eb1eb28c8d4800d90d0f4fb8e9543dcefb65bf3d7264e2d20b873e4a1485e9bcdf6392c86eeeff68ac411e4fc88e95aaa3fefad14d5187abee97f

    • SSDEEP

      1536:xfJziVe31LUb0d6nhh9xtWHkg9axFnLEVNDekrOM6bOLXi8PmCofGw:LP5kzh7jyzALEve0DrLXfzoew

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks