Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

NEAS.NEASf...C.xlam

windows7-x64

10

NEAS.NEASf...C.xlam

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.NEASf4d8c1a30a7b5bcc8c486c0be1255b620da33af0bd491fe6bc28a1ae90300428xlsxxlsx_JC.xlsx

  • Size

    725KB

  • Sample

    231021-xjrl9aha41

  • MD5

    7c8f10ca8113bde86cc98e6e08c2318c

  • SHA1

    6d985706cb5c210d944e07b24dffd9ae5d57927f

  • SHA256

    f4d8c1a30a7b5bcc8c486c0be1255b620da33af0bd491fe6bc28a1ae90300428

  • SHA512

    165f8514f9157c261b9ca06415e5aa5dc93187fe043eff828ae5f8118c213922b548645fead417edb1aef253dfb7cdffc001af103235ec7735a8709fe47c1e2a

  • SSDEEP

    12288:fcs34BfUcKYHk2g6hdeLBC74aSzU8CBSlizbbS1IK64GkBh7HgfPp2j:f8KYLs5zTCQqbbSy4dDSPpk

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
ps1.dropper

https://wallpapercave.com/uwp/uwp4082989.png
exe.dropper

https://wallpapercave.com/uwp/uwp4082989.png

Targets

    • Target

      NEAS.NEASf4d8c1a30a7b5bcc8c486c0be1255b620da33af0bd491fe6bc28a1ae90300428xlsxxlsx_JC.xlsx

    • Size

      725KB

    • MD5

      7c8f10ca8113bde86cc98e6e08c2318c

    • SHA1

      6d985706cb5c210d944e07b24dffd9ae5d57927f

    • SHA256

      f4d8c1a30a7b5bcc8c486c0be1255b620da33af0bd491fe6bc28a1ae90300428

    • SHA512

      165f8514f9157c261b9ca06415e5aa5dc93187fe043eff828ae5f8118c213922b548645fead417edb1aef253dfb7cdffc001af103235ec7735a8709fe47c1e2a

    • SSDEEP

      12288:fcs34BfUcKYHk2g6hdeLBC74aSzU8CBSlizbbS1IK64GkBh7HgfPp2j:f8KYLs5zTCQqbbSy4dDSPpk

    Score
    10/10

    • Blocklisted process makes network request

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks