Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

NEAS.85217...70.exe

windows7-x64

9

NEAS.85217...70.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.85217b075392b28c991e9f0fc938c470.exe

  • Size

    233KB

  • Sample

    231021-z9hs5seh4y

  • MD5

    85217b075392b28c991e9f0fc938c470

  • SHA1

    cf4e54ab772597ccd8f9da447ac6aa475f4c4c86

  • SHA256

    7c2157f00b35563c25f3d16b244273ff81e61fbb3d2a7f8779ee382c7402c29b

  • SHA512

    673f7e77c9c9d760b2bd15ae33ad443bfa803fe28a17df82776278e131489d2058ca1e7e881f04bba5be8ddf22efcc16e71c8ac3197a41ea67bbb587c1e29d78

  • SSDEEP

    6144:RqlIyFESWu0SWu2s8PxqlIyFESWu0SWu2s8Pt:tyosQyose

Score
9/10
ransomware

Malware Config

Targets

    • Target

      NEAS.85217b075392b28c991e9f0fc938c470.exe

    • Size

      233KB

    • MD5

      85217b075392b28c991e9f0fc938c470

    • SHA1

      cf4e54ab772597ccd8f9da447ac6aa475f4c4c86

    • SHA256

      7c2157f00b35563c25f3d16b244273ff81e61fbb3d2a7f8779ee382c7402c29b

    • SHA512

      673f7e77c9c9d760b2bd15ae33ad443bfa803fe28a17df82776278e131489d2058ca1e7e881f04bba5be8ddf22efcc16e71c8ac3197a41ea67bbb587c1e29d78

    • SSDEEP

      6144:RqlIyFESWu0SWu2s8PxqlIyFESWu0SWu2s8Pt:tyosQyose

    Score
    9/10
    ransomware

    • Renames multiple (1055) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Renames multiple (225) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.

      ransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks