General

  • Target

    NEAS.161cf0948e16da3ad8e981c1f033e780.exe

  • Size

    63KB

  • Sample

    231013-ygn9saed2x

  • MD5

    161cf0948e16da3ad8e981c1f033e780

  • SHA1

    369a7925e91ff26289a20bb98c06eb4d127d2f02

  • SHA256

    7a428920b1f55fc9739548e674570952086cfcff79471d7b0136fd8e438d8dde

  • SHA512

    d33f58bc8b346205a519a7eedc1bf4696de242f22fb445e5d0fcc50528919215a5ca2f6bbf2c5a129d1d11cd776f973fff1b61d9266e7122b8b5ba74afed6832

  • SSDEEP

    1536:DuJIcNwIWt2YvLF7gCZOj+UwwrjtvK4tMzIDC2oB:YIcWrt2cuCURtvKAMzIOr

Score
7/10
upx

Targets

    • Target

      NEAS.161cf0948e16da3ad8e981c1f033e780.exe

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
