f11b7351c355b86449b8bc1489b4941f44569ea0b887717f739f4ffbe0bc80c3 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

ns-usbloader-7.0.jar

windows10-2004-x64

8

Resubmissions

16/02/2023, 19:09

230216-xtx7saah8y 8

16/02/2023, 18:57

230216-xlytcabb96 10

Sharing

General

Target

ns-usbloader-7.0.jar
Size

19.7MB
Sample

230216-xtx7saah8y
MD5

d9d7589748e5ff43136c0eb7b5a0ae3c
SHA1

3b660a05f8adfa725889231474ae00f3845f944f
SHA256

f11b7351c355b86449b8bc1489b4941f44569ea0b887717f739f4ffbe0bc80c3
SHA512

2ae9f9d05f3c7f3ebbc5d7260b13bd2601521affb253d7706505ad541e2425b335a3f601af88e6a0643297d40d01a2c870d3ea308d17f542122a09c75c8e62a8
SSDEEP

393216:hawIJOm0djwUrY6LMOZuWXJTkKcotCXhRwsD8IjhHa42kE:haw+OLdhcYohRwsD8IjBa44

Score

8^/10

discovery

Static task

static1

Behavioral task

behavioral1

Sample

ns-usbloader-7.0.jar

Resource

win10v2004-20220812-en

windows10-2004-x64

18 signatures

600 seconds

Malware Config

Targets

- Target
  
  ns-usbloader-7.0.jar
- Size
  
  19.7MB
- MD5
  
  d9d7589748e5ff43136c0eb7b5a0ae3c
- SHA1
  
  3b660a05f8adfa725889231474ae00f3845f944f
- SHA256
  
  f11b7351c355b86449b8bc1489b4941f44569ea0b887717f739f4ffbe0bc80c3
- SHA512
  
  2ae9f9d05f3c7f3ebbc5d7260b13bd2601521affb253d7706505ad541e2425b335a3f601af88e6a0643297d40d01a2c870d3ea308d17f542122a09c75c8e62a8
- SSDEEP
  
  393216:hawIJOm0djwUrY6LMOZuWXJTkKcotCXhRwsD8IjhHa42kE:haw+OLdhcYohRwsD8IjBa44
Score

8^/10

discovery
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy