Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.f8df8...JC.exe

windows7-x64

10

NEAS.f8df8...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.f8df8edeb8b4cd0fd386f4e44dde6bdd_JC.exe

  • Size

    896KB

  • Sample

    231012-xevs4sag37

  • MD5

    f8df8edeb8b4cd0fd386f4e44dde6bdd

  • SHA1

    c2b72c5284cf79cdcd21ccb06278020d0a44006b

  • SHA256

    1eb9d5d7b5bbef52c15d846559a9fc5a8953f1e0db4f80bd8b73b5374ace3fa8

  • SHA512

    0a48664407f749339fcaa48cda14e91b9a1d1b39aad416a1c71ba7479ed468cbf5a90114f197a59303e12c0d01c22d7cc6ad1fee1953e93e42bc78af0058dea9

  • SSDEEP

    24576:kkTRTGryZ5d9TRTGryaITRTGryZ5d9TRTGryeLTRTGryZ5d9TRTGryaITRTGryZB:j9bD99wI9bD99e9bD99wI9bD99

Score
10/10
persistence

Malware Config

Targets

    • Target

      NEAS.f8df8edeb8b4cd0fd386f4e44dde6bdd_JC.exe

    • Size

      896KB

    • MD5

      f8df8edeb8b4cd0fd386f4e44dde6bdd

    • SHA1

      c2b72c5284cf79cdcd21ccb06278020d0a44006b

    • SHA256

      1eb9d5d7b5bbef52c15d846559a9fc5a8953f1e0db4f80bd8b73b5374ace3fa8

    • SHA512

      0a48664407f749339fcaa48cda14e91b9a1d1b39aad416a1c71ba7479ed468cbf5a90114f197a59303e12c0d01c22d7cc6ad1fee1953e93e42bc78af0058dea9

    • SSDEEP

      24576:kkTRTGryZ5d9TRTGryaITRTGryZ5d9TRTGryeLTRTGryZ5d9TRTGryaITRTGryZB:j9bD99wI9bD99e9bD99wI9bD99

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks