Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

NEAS.17671...60.exe

windows7-x64

8

NEAS.17671...60.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    168s
  • max time network
    175s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/10/2023, 19:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.1767147d72b8c12b519ff1724bc2e360.exe

  • Size

    145KB

  • MD5

    1767147d72b8c12b519ff1724bc2e360

  • SHA1

    acad5b828c600e18391f4a91b0de912bc984e5bc

  • SHA256

    865308734dd7fc421d36920ff79ce0ae4efcd214580a0ea42520751d451d7e5a

  • SHA512

    e204ee1da2dae925d3921575e2c9fc7fb6e6f35cf438fc40d4756a90c184ffaadad520e89115be236da1f8f885536d38152f41dfa6865b5ff287fc6d4384110d

  • SSDEEP

    3072:BO8tGaQ3xPEidEJQSqxBZJoYIXp0Tr14bAHK3cd/lazRd:BO8AaqcsEJQSqheYIX2J4a8cdta7

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.1767147d72b8c12b519ff1724bc2e360.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.1767147d72b8c12b519ff1724bc2e360.exe"
    1⤵
    • Drops file in Program Files directory
    PID:976
  • C:\PROGRA~3\Mozilla\osznrcg.exe
    C:\PROGRA~3\Mozilla\osznrcg.exe -jeeiybc
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:4892

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\PROGRA~3\Mozilla\osznrcg.exe
    Filesize

    145KB

    MD5

    e8afd233d7011977ee9d4b966e89c59f

    SHA1

    902b117f0e3ec6f7d1224d55b0e591b02262a483

    SHA256

    5d9402cd4499bf08d7bb607b62a6cb422035d31959507116e73070a35370a202

    SHA512

    65c848c5159441d0cd1c7842ce2963d1dd6644aba782cdcea9913b8bb59adaefd35e60ed548ec0b31cebe5e39d7c607aba8fe61a645e54c5f05f00253ac8f47c

    Download Submit

  • C:\ProgramData\Mozilla\osznrcg.exe
    Filesize

    145KB

    MD5

    e8afd233d7011977ee9d4b966e89c59f

    SHA1

    902b117f0e3ec6f7d1224d55b0e591b02262a483

    SHA256

    5d9402cd4499bf08d7bb607b62a6cb422035d31959507116e73070a35370a202

    SHA512

    65c848c5159441d0cd1c7842ce2963d1dd6644aba782cdcea9913b8bb59adaefd35e60ed548ec0b31cebe5e39d7c607aba8fe61a645e54c5f05f00253ac8f47c

    Download Submit

  • memory/976-1-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/976-2-0x0000000000A10000-0x0000000000A12000-memory.dmp

    Filesize

    8KB

    Download

  • memory/976-3-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/976-9-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/4892-10-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/4892-11-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/4892-16-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download