General
-
Target
NEAS.NEASNEAS5f6110fdf11e888a353ffc60086f15c12deb42a07eec9d8b842589bfa67176dcexeexeexe_JC.exe
-
Size
348KB
-
Sample
231013-vcn7faea65
-
MD5
01b925b499a5bc1e9d7a2f93d8ac0c65
-
SHA1
d26e14bd928d6bcbbd67c482875bcfe6bf98ca2b
-
SHA256
5f6110fdf11e888a353ffc60086f15c12deb42a07eec9d8b842589bfa67176dc
-
SHA512
d2718cc7cb1cc26674f9c19807a9414450a45c4ab1b156722740e49263469ab5831c5386e2e7e71fdbf0509bd0962f80a730ead83ab63a1feb3fffb06075e863
-
SSDEEP
6144:ZeR7eammRd3K+q9KiocO2WTYqh8YE6ALJf9odH7MxbyElT43u:ZeRtBRXq9LocO2WTYqhjBMM73El4
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.NEASNEAS5f6110fdf11e888a353ffc60086f15c12deb42a07eec9d8b842589bfa67176dcexeexeexe_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.NEASNEAS5f6110fdf11e888a353ffc60086f15c12deb42a07eec9d8b842589bfa67176dcexeexeexe_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
Target
NEAS.NEASNEAS5f6110fdf11e888a353ffc60086f15c12deb42a07eec9d8b842589bfa67176dcexeexeexe_JC.exe
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-