Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NEAS.5d176...40.exe

windows7-x64

7

NEAS.5d176...40.exe

windows10-2004-x64

Analysis

  • max time kernel
    36s
  • max time network
    38s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13/10/2023, 20:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.5d176bc299b7ec755fefdae0c0117340.exe

  • Size

    428KB

  • MD5

    5d176bc299b7ec755fefdae0c0117340

  • SHA1

    7b153dafdad5292def20bf76d7e169d12a44ed60

  • SHA256

    c067812b98747014b48a626a479e389383568d92fde1a510000efd9eb8fe507d

  • SHA512

    c6e7c871bdfdf57c03ddc1672cb12daf01d44f45218fc50d5c3f311054c5aaa508e74a7077ec4a38a6ccd87eb2c0783afd89e99b89fb284ca8b54cd6f8583bb7

  • SSDEEP

    12288:Z594+AcL4tBekiuKzErZFMS5XJ7LE/Bbh8uiOTol:BL4tBekiuVrZOSDXohgF

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.5d176bc299b7ec755fefdae0c0117340.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.5d176bc299b7ec755fefdae0c0117340.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Users\Admin\AppData\Local\Temp\44AE.tmp
      "C:\Users\Admin\AppData\Local\Temp\44AE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\NEAS.5d176bc299b7ec755fefdae0c0117340.exe D2ED16BD57B40C306F9E96B4F69AEF8315D973E2D204F7451B05406B2C27E5BDD5A98E70BFE5EBD707D6096679758D877090E0C68E3D8B4FCD1851FCDB8ED9B8
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\44AE.tmp
    Filesize

    428KB

    MD5

    34e4aa1341c2bc02c477e94c0b40155f

    SHA1

    b95fb76589e521b05468b42568d20e1e7a66f623

    SHA256

    0af7dbc84a04a7f4174aef982c992bbac24118f55c3d0f39bb60b012bf03aef4

    SHA512

    b90a4cefba5b1e474d0f1594ab362c2d39fdb03e580db2463a0d6b9d104dd63a8ac37ced00c081e7e81939cbac04a6f603c4123443d7e65c02c8a050a035834f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\44AE.tmp
    Filesize

    428KB

    MD5

    34e4aa1341c2bc02c477e94c0b40155f

    SHA1

    b95fb76589e521b05468b42568d20e1e7a66f623

    SHA256

    0af7dbc84a04a7f4174aef982c992bbac24118f55c3d0f39bb60b012bf03aef4

    SHA512

    b90a4cefba5b1e474d0f1594ab362c2d39fdb03e580db2463a0d6b9d104dd63a8ac37ced00c081e7e81939cbac04a6f603c4123443d7e65c02c8a050a035834f

    Download Submit