Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

e12c925465...8f.exe

windows7-x64

10

e12c925465...8f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e12c9254653757e66f92bec4559ef14f0636d587bf6beee2a47957cc0a6eb28f

  • Size

    96KB

  • Sample

    250305-nmhzvaxnw6

  • MD5

    3855135e8a66ad8a0de2dff46e52e2ec

  • SHA1

    273aaa06cfae94360f38337e726d113fd7ef481d

  • SHA256

    e12c9254653757e66f92bec4559ef14f0636d587bf6beee2a47957cc0a6eb28f

  • SHA512

    416a60ac0ed89b42c5c5b237e3db2ab36fc773dbcd642df0e65e906788b1e36acafd1627bfe09af55bb26fdff88e401fe2be1f5847bd8c49893411b94b8d0af9

  • SSDEEP

    1536:TUkew8LhcR3y9X9dM0GuDFYK6YmMKcf/BOm9CMy0QiLiizHNQNdq:TUkewKuC5kuDFYK654f5Om9CMyELiAH9

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Extracted

Family

berbew

C2

http://f/wcmd.htm

http://f/ppslog.php

http://f/piplog.php?%s:%i:%i:%s:%09u:%i:%02d:%02d:%02d

Targets

    • Target

      e12c9254653757e66f92bec4559ef14f0636d587bf6beee2a47957cc0a6eb28f

    • Size

      96KB

    • MD5

      3855135e8a66ad8a0de2dff46e52e2ec

    • SHA1

      273aaa06cfae94360f38337e726d113fd7ef481d

    • SHA256

      e12c9254653757e66f92bec4559ef14f0636d587bf6beee2a47957cc0a6eb28f

    • SHA512

      416a60ac0ed89b42c5c5b237e3db2ab36fc773dbcd642df0e65e906788b1e36acafd1627bfe09af55bb26fdff88e401fe2be1f5847bd8c49893411b94b8d0af9

    • SSDEEP

      1536:TUkew8LhcR3y9X9dM0GuDFYK6YmMKcf/BOm9CMy0QiLiizHNQNdq:TUkewKuC5kuDFYK654f5Om9CMyELiAH9

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks