Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.39cbd...90.exe

windows7-x64

10

NEAS.39cbd...90.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.39cbdd80113c3daeec9bd0aa8f09cf90.exe

  • Size

    352KB

  • Sample

    231014-wfc41shc5v

  • MD5

    39cbdd80113c3daeec9bd0aa8f09cf90

  • SHA1

    4c84998aa5b6f0511d3427c369cb53dc84a14be8

  • SHA256

    8186eef16b08ab5e7f4b64fe8963d3789e2dac0ee3b87a0307074f82e7022f78

  • SHA512

    11c1b829ab8af7e3586d6106e94613530276740106f7b1d1f7cbb9a1d18fda8c7f01d1784df8e10fbcc824edea3f5fbf2df837fcdbf6c23345e647e277a68cd8

  • SSDEEP

    6144:/pW2bgbbV28okoS1oWMkdlZQ5iinNrv2SxhIP4i:/pW2IoioS65xTi

Score
10/10
discoveryevasionexploitpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.39cbdd80113c3daeec9bd0aa8f09cf90.exe

    • Size

      352KB

    • MD5

      39cbdd80113c3daeec9bd0aa8f09cf90

    • SHA1

      4c84998aa5b6f0511d3427c369cb53dc84a14be8

    • SHA256

      8186eef16b08ab5e7f4b64fe8963d3789e2dac0ee3b87a0307074f82e7022f78

    • SHA512

      11c1b829ab8af7e3586d6106e94613530276740106f7b1d1f7cbb9a1d18fda8c7f01d1784df8e10fbcc824edea3f5fbf2df837fcdbf6c23345e647e277a68cd8

    • SSDEEP

      6144:/pW2bgbbV28okoS1oWMkdlZQ5iinNrv2SxhIP4i:/pW2IoioS65xTi

    Score
    10/10
    discoveryevasionexploitpersistencetrojan

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • Modifies system executable filetype association

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks