Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
170s -
max time network
173s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
-
submitted
13/10/2023, 20:12
General
-
Target
NEAS.3772b599876db19692d2d09043e955b0.exe
-
Size
386KB
-
MD5
3772b599876db19692d2d09043e955b0
-
SHA1
62bc18e2a88dec058242de40ece7b01b76d67926
-
SHA256
acd9feac4b06e521e17ded7cfd98b5e548457fbab9e1bbda5c1962950ae027c4
-
SHA512
5563229813fa8f6ac097c9ccde09410db622ce971ddd5a444844d6d1045108a6cb7a55a2119b52c499b2daee6e8e119e90661569f4c6cda31adb565273aa972a
-
SSDEEP
12288:4plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:kxRQ+Fucuvm0as
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\NEAS.3772b599876db19692d2d09043e955b0.exe"C:\Users\Admin\AppData\Local\Temp\NEAS.3772b599876db19692d2d09043e955b0.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Suppress\status.exe"C:\Program Files\Suppress\status.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
386KB
MD533390d65f21a5f946ecb86bd5dc90554
SHA11c6c9fdb395ac7097ead73579534c3c855f828a7
SHA25640989dd57e00c524e5c47ae678d72e33c88e0dfd845e9701f717dfc5077e6abe
SHA5129050447cba7dbbb0e4f87552e51228e605bc207571f57f1edf142eb2db60be3e22ed66028730a7e8395ed5c5ec5b5c95464327578e2cdb0e16d27bd26f4bb1bb
-
Filesize
386KB
MD533390d65f21a5f946ecb86bd5dc90554
SHA11c6c9fdb395ac7097ead73579534c3c855f828a7
SHA25640989dd57e00c524e5c47ae678d72e33c88e0dfd845e9701f717dfc5077e6abe
SHA5129050447cba7dbbb0e4f87552e51228e605bc207571f57f1edf142eb2db60be3e22ed66028730a7e8395ed5c5ec5b5c95464327578e2cdb0e16d27bd26f4bb1bb