Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NEAS.86dca...JC.exe

windows7-x64

7

NEAS.86dca...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    15s
  • max time network
    19s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/10/2023, 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.86dca22769a3cfc4c1457e34dc36d450_JC.exe

  • Size

    184KB

  • MD5

    86dca22769a3cfc4c1457e34dc36d450

  • SHA1

    b3ac732418ccd83f14402170afb6949cf19e1157

  • SHA256

    f2f0217bc3a425cdf0fd277e27e621d0422a6595c2b4cadad849c7322cc20b3b

  • SHA512

    a93a7fa836189b9cbbaa0f5bef112f48abad1ea9100a341a7ab4827d4404bb15a9158d901b7700a607cf8808f20142e76a6ce41b4c8943ff0a87c80593136636

  • SSDEEP

    3072:G63sCkon4eNqd4rtWC98VGvUlvnqnvinonR:G6Sozm4rF8cvUlPqnvino

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.86dca22769a3cfc4c1457e34dc36d450_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.86dca22769a3cfc4c1457e34dc36d450_JC.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4768
    • C:\Users\Admin\AppData\Local\Temp\Unicorn-10519.exe
      C:\Users\Admin\AppData\Local\Temp\Unicorn-10519.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Unicorn-10519.exe
    Filesize

    184KB

    MD5

    76027467b883075fb00768bd9cd0dae6

    SHA1

    faa3c4c817a2560f64816b2e25318a0afbe771a7

    SHA256

    f05cb9ad75a1b14f506e5d53df3f41d7d3d16554a0f0734b8eba11b02f2ed522

    SHA512

    eae7e1206a0d79dffe27a4dcff5b9dd03632056b53b3e805b72d2a084171a7e64d5406fe21499774d05c287a50957f617691fc3b599adf54fe45db6e30256cb1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Unicorn-10519.exe
    Filesize

    184KB

    MD5

    76027467b883075fb00768bd9cd0dae6

    SHA1

    faa3c4c817a2560f64816b2e25318a0afbe771a7

    SHA256

    f05cb9ad75a1b14f506e5d53df3f41d7d3d16554a0f0734b8eba11b02f2ed522

    SHA512

    eae7e1206a0d79dffe27a4dcff5b9dd03632056b53b3e805b72d2a084171a7e64d5406fe21499774d05c287a50957f617691fc3b599adf54fe45db6e30256cb1

    Download Submit