General

  • Target

    NEAS.d34c9e759dbb7218835dc9895640bc80.exe

  • Size

    529KB

  • Sample

    231028-y1ffzsbd3t

  • MD5

    d34c9e759dbb7218835dc9895640bc80

  • SHA1

    710f0cb8d225c45eba7244867eca829e8bb8db95

  • SHA256

    410733d49772f3d128b353d9d732c18f3eeaf8e448b428573a7c4ec769e17564

  • SHA512

    e39979657f23c6b72c01351dbc5fedbee6e71f2b7aade7e515bce9ad2c097ad42c352618d3ea6b8af569cd487f7492ea408ceeb0c50547c5ec2790400247fef1

  • SSDEEP

    12288:xMOzTVTacEFGIgf65/8Ju2/S75FZh9BBjvrEH7e:xnzT8SIeJu2QhdrEH7e

Score
8/10

Targets

    • Target

      NEAS.d34c9e759dbb7218835dc9895640bc80.exe

    • Modifies AppInit DLL entries

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
