General
Target: NEAS.NEAS2d22cc60481e1f25e5bf703cf6d8bd1d4c386036e595e6ada518eea110036332exeexe_JC.exe
Size: 1.3MB
Sample: 231016-pbmz4aec2w
MD5: 128833df1ad9ba0fff0b6dec6005763c
SHA1: 608737e7b26ff4928a59be900c61972842dbcdad
SHA256: 2d22cc60481e1f25e5bf703cf6d8bd1d4c386036e595e6ada518eea110036332
SHA512: 6bed21c928074e4fcce687e248a3d3153800ba0f538a0262bf6cbc6e9827795310634745c95a16c71c015864bf133bdfd5e6793fb0b20bc157155350f3171405
SSDEEP: 24576:eYiY3byk8gRn94kF/FltV6ivdJ9F5CDOrbr9dC9T1pbYisTSv60TinHtA4DyvT+e:eYio8a+kfRFsDSe1p8tTWBTt4W7+Q
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.NEAS2d22cc60481e1f25e5bf703cf6d8bd1d4c386036e595e6ada518eea110036332exeexe_JC.exe
Resource: win7-20230831-en
Malware Config
Targets
-
-
Target
NEAS.NEAS2d22cc60481e1f25e5bf703cf6d8bd1d4c386036e595e6ada518eea110036332exeexe_JC.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-