General
Target: NEAS.f0d0ab5855bb495d99d1e138ae4896b0.exe
Size: 127KB
Sample: 231022-v4glnsce28
MD5: f0d0ab5855bb495d99d1e138ae4896b0
SHA1: 5d5e8774da0556029e48d3ba2142a7d02109abf5
SHA256: 50d0e02307b3ba6d83bd28efb935b37c4f4dc7edb1b8e9cbdb3082d241a1e7b4
SHA512: ae5854b4ce92395c7d656f6ff97b9e831327e0fded2a98d78d858d9cac373fa0851d2084db94375c2924407e979e30e3f7e7abd590196bcb02ac3d2820bfd692
SSDEEP: 3072:dOjWuyt0ZHqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPL:dIH9OKofHfHTXQLzgvnzHPowYbvrjD/O
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.f0d0ab5855bb495d99d1e138ae4896b0.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: NEAS.f0d0ab5855bb495d99d1e138ae4896b0.exe
Resource: win10v2004-20231020-en
Malware Config
Targets
Target: NEAS.f0d0ab5855bb495d99d1e138ae4896b0.exe
Score: 8/10

Drops file in Drivers directory

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.

Drops file in System32 directory