Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

NEAS.9f8f8...d0.exe

windows7-x64

7

NEAS.9f8f8...d0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    16/10/2023, 18:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.9f8f8ecb396a7a43411173af9f2e62d0.exe

  • Size

    279KB

  • MD5

    9f8f8ecb396a7a43411173af9f2e62d0

  • SHA1

    576571b5950292feeb00554c0d33c878048bdac2

  • SHA256

    7b16389e3c2dec148017f6ef3406c2e322fb20eb0e9706eacfcbebb9533ffd36

  • SHA512

    515392df5bb09153569a7809ff36d33ecbe8f62df3db9620082b0ff4274911f73894a28fe859ce399bdfa17b7a90897c2bdde5743d432ad2bfd3a727b308da47

  • SSDEEP

    6144:uuq1yy/pjnkeQ4m13YSfZgaPlWERGKjwjglIQ2beZ:y1yc9kbJ3YyrlWqGewj4IQ2bc

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 18 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.9f8f8ecb396a7a43411173af9f2e62d0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.9f8f8ecb396a7a43411173af9f2e62d0.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Windows directory
    PID:1984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\win32dc\Half-Life 2 + codes.exe
    Filesize

    279KB

    MD5

    e82fe2e3beaf083ea1a7b7e018ce012d

    SHA1

    7c707743c79937d5856a9004e19f7baee8a61b53

    SHA256

    85d79a99494e5744c65070b752490e113aa471b0a77df3e967c50844f3621211

    SHA512

    bbb666f13dad42f226df614761149f17e6263364ebafed6943b2d9004960662b3feac3636a57b3334f04a761c0167cfa65e0429b8acdd5e13dd5762ac1f8e223

    Download Submit

  • memory/1984-0-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download

  • memory/1984-18-0x0000000000400000-0x0000000000418000-memory.dmp

    Filesize

    96KB

    Download