Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NEAS.b7e1a...a0.exe

windows7-x64

7

NEAS.b7e1a...a0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    155s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2023, 19:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe

  • Size

    443KB

  • MD5

    b7e1a459cd96781d58dc46a302c5bda0

  • SHA1

    db1201b075297e4a73faf00535164fb65168f665

  • SHA256

    0a0aa68f65311ddf1937dc3c1ad08475e8519953465aab8955248d49d6c78d89

  • SHA512

    2d5443d7acb98044b32146e2c70a33a2c771a41f48d822491e091c33762fe0084a4d21ef199fcaf70089cf13c5864df384cc9bf1685210eb56f14891af71b7b6

  • SSDEEP

    6144:y1Nly1+SGVnjwReY0Iv/s9yLQ/M1ifzDThCDVi30nkUDYWEnr8HGEJSqqIvz2BOH:SDyRhRPvE9yLQ/M1inTcVYUtVuSyI6pQ

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4116
    • C:\Users\Admin\AppData\Local\Temp\AE51.tmp
      "C:\Users\Admin\AppData\Local\Temp\AE51.tmp" --pingC:\Users\Admin\AppData\Local\Temp\NEAS.b7e1a459cd96781d58dc46a302c5bda0.exe 4AE51D2B80FFB48D504EB55DEFFE5222AB3057172A335947CD6308FCEDA4E8428ADD0A90D6619E36EF6DFA20E5A0B7FE37807AEFDCAC8C69C4D46A30174FB463
      2⤵
      • Executes dropped EXE
      PID:3864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\AE51.tmp
    Filesize

    443KB

    MD5

    25e6802cde8508aef4a27e352acac8ae

    SHA1

    3643e250f8d9b2dfd8ccb54e25d32733395b44e7

    SHA256

    671a0b7c18b00855a1e577137c95979f9ce993516f6106121cdc2b6fab26ecb2

    SHA512

    7f5be5182b8edc640132363b5b95bf9a2b4a8b0b34fd736b9e2d5f3cbb22ab4750a64fdecf91641e17bfdd2757ad5cf5a18c1c0668a236014c6244140a4e6aee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\AE51.tmp
    Filesize

    443KB

    MD5

    25e6802cde8508aef4a27e352acac8ae

    SHA1

    3643e250f8d9b2dfd8ccb54e25d32733395b44e7

    SHA256

    671a0b7c18b00855a1e577137c95979f9ce993516f6106121cdc2b6fab26ecb2

    SHA512

    7f5be5182b8edc640132363b5b95bf9a2b4a8b0b34fd736b9e2d5f3cbb22ab4750a64fdecf91641e17bfdd2757ad5cf5a18c1c0668a236014c6244140a4e6aee

    Download Submit