General
-
Target
NEAS.8f31d9d3e255e3ff701c034e37b74f20_JC.exe
-
Size
41KB
-
Sample
231006-sfljlsde41
-
MD5
8f31d9d3e255e3ff701c034e37b74f20
-
SHA1
cfed58af9715f3d9f129657d90c1043fe9ea9833
-
SHA256
ee0ca72dfd2c31d50bd0aafc996d56c7c60dd4a537002288fec15a1ebc19a845
-
SHA512
31f68183c2e7045d097b9fb89259ea13991edf7c366a6e8d56b56512aa11d8dfc3063ea003f285d58c5546653a4eb8e63f4e39254f570e97942a17cf3b3d51f7
-
SSDEEP
768:deMc5VwWt1jDkbXdnTOyQxHFO+IxX2P5LIbbcPYir2lAqcdF0i09Cy:dq5VwWDjDkdTRqHFOn8tIbbeYiuZIFSz
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.8f31d9d3e255e3ff701c034e37b74f20_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.8f31d9d3e255e3ff701c034e37b74f20_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
NEAS.8f31d9d3e255e3ff701c034e37b74f20_JC.exe
Score 8/10
- Drops file in Drivers directory
- ACProtect 1.3x - 1.4x DLL software: Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Maps connected drives based on registry: Disk information is often read in order to detect sandboxing environments.
- Drops file in System32 directory