Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.656c63006068538198afe4ab5606ddd0.exe
-
Size
322KB
-
Sample
231022-vwtahadh7v
-
MD5
656c63006068538198afe4ab5606ddd0
-
SHA1
f705a3a26d060a89eeb9dc83e1cc505081656f4f
-
SHA256
6bb70e85c536e64d979b1ab180a9324e0d0190919caa15062f3ab0264867179f
-
SHA512
cbcc72b89c57a20fca27c6cdca2b1cb9d511dea227242985a86c11d672d0fff7d900652e8a70f7374153b3149f03368a31482e7429be60e94734272c0c0b9caa
-
SSDEEP
6144:Jsw5Kw5npJ7bSxbS9ibSo7rhnkP+6bfbSankP+6bE00OC9+CJk6g:d5Z5nfe1y+AQ+rOXCJkd
Malware Config
Targets
-
-
Target
NEAS.656c63006068538198afe4ab5606ddd0.exe
-
Size
322KB
-
MD5
656c63006068538198afe4ab5606ddd0
-
SHA1
f705a3a26d060a89eeb9dc83e1cc505081656f4f
-
SHA256
6bb70e85c536e64d979b1ab180a9324e0d0190919caa15062f3ab0264867179f
-
SHA512
cbcc72b89c57a20fca27c6cdca2b1cb9d511dea227242985a86c11d672d0fff7d900652e8a70f7374153b3149f03368a31482e7429be60e94734272c0c0b9caa
-
SSDEEP
6144:Jsw5Kw5npJ7bSxbS9ibSo7rhnkP+6bfbSankP+6bE00OC9+CJk6g:d5Z5nfe1y+AQ+rOXCJkd
Score8/10-
Drops file in Drivers directory
-
Sets service image path in registry
-
Modifies system executable filetype association
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Event Triggered Execution
1Change Default File Association
1