Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.c6e1b44f11eb872cef47463c89600330.exe

  • Size

    144KB

  • Sample

    231016-w9l9sacf73

  • MD5

    c6e1b44f11eb872cef47463c89600330

  • SHA1

    ab9832bb4a16e52c38121dec9decd88068e279d5

  • SHA256

    e05f4ce2602ef0e7d507a32c542f208ce459b46cb1322c24d68102328d71c7f5

  • SHA512

    2e091fd5d5b3ef5f6e28dffa95f5a82e38aa4a5542ceefffc07ca9878b7bc1da9bf1992c256bf5530fc8319b0fb8460161e1c4d672c95bec3447f3e8f698ff3c

  • SSDEEP

    3072:awfsct/49lNtAcDfgdDK5DQzdH13+EE+RaZ6r+GDZnBcVU:a3849dAcDf7Qzd5IF6rfBBcVU

Score
10/10

Malware Config

Targets

    • Target

      NEAS.c6e1b44f11eb872cef47463c89600330.exe

    • Size

      144KB

    • MD5

      c6e1b44f11eb872cef47463c89600330

    • SHA1

      ab9832bb4a16e52c38121dec9decd88068e279d5

    • SHA256

      e05f4ce2602ef0e7d507a32c542f208ce459b46cb1322c24d68102328d71c7f5

    • SHA512

      2e091fd5d5b3ef5f6e28dffa95f5a82e38aa4a5542ceefffc07ca9878b7bc1da9bf1992c256bf5530fc8319b0fb8460161e1c4d672c95bec3447f3e8f698ff3c

    • SSDEEP

      3072:awfsct/49lNtAcDfgdDK5DQzdH13+EE+RaZ6r+GDZnBcVU:a3849dAcDf7Qzd5IF6rfBBcVU

    Score
    10/10
    • Adds autorun key to be loaded by Explorer.exe on startup

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks