Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

ef9b7a7dc1...fc.exe

windows7-x64

10

ef9b7a7dc1...fc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ef9b7a7dc188f1fa7d28ef9ceadce219efe9b9e881cb8cca233f585e669a80fc

  • Size

    59KB

  • Sample

    250305-prmz2aynx5

  • MD5

    85d44a624452afd2710afa7402c33c27

  • SHA1

    7db081a6ab31da126664eee3e71abd6286717e3b

  • SHA256

    ef9b7a7dc188f1fa7d28ef9ceadce219efe9b9e881cb8cca233f585e669a80fc

  • SHA512

    503ff6591394741ff72cc2e7df88b715c116ea62d41b53bdd62c05449784bb27f45f15baf16eee07dbf638e8cbaf5373c1f929204e46a5bc8804f43ca9afeb26

  • SSDEEP

    768:6SIxdYrWe6jQBEjfwo7aBYnhGMkFHrUZ/1H56b5nf1fZMEBFELvkVgFR:dkdYrWe6jQ+fIwh4BiiNCyVs

Score
10/10
berbewbackdoordiscoverypersistence

Malware Config

Targets

    • Target

      ef9b7a7dc188f1fa7d28ef9ceadce219efe9b9e881cb8cca233f585e669a80fc

    • Size

      59KB

    • MD5

      85d44a624452afd2710afa7402c33c27

    • SHA1

      7db081a6ab31da126664eee3e71abd6286717e3b

    • SHA256

      ef9b7a7dc188f1fa7d28ef9ceadce219efe9b9e881cb8cca233f585e669a80fc

    • SHA512

      503ff6591394741ff72cc2e7df88b715c116ea62d41b53bdd62c05449784bb27f45f15baf16eee07dbf638e8cbaf5373c1f929204e46a5bc8804f43ca9afeb26

    • SSDEEP

      768:6SIxdYrWe6jQBEjfwo7aBYnhGMkFHrUZ/1H56b5nf1fZMEBFELvkVgFR:dkdYrWe6jQ+fIwh4BiiNCyVs

    Score
    10/10
    berbewbackdoordiscoverypersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Berbew

      Berbew is a backdoor written in C++.

      backdoorberbew

    • Berbew family

      berbew

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks