General

  • Target

    NEAS.f1d8af84a0692c2b41a3f1781accf580.exe

  • Size

    474KB

  • Sample

    231028-y3hn5aed57

  • MD5

    f1d8af84a0692c2b41a3f1781accf580

  • SHA1

    a7bca1d8e2ee512e331f96efa7c2e305f5e470b3

  • SHA256

    f12bf1acd8cc8f9c4397be6836104bcea66e5f9f9caaf3d3a0b63e5751aa7b99

  • SHA512

    28d5eeb5a9d719a86545fb0ae040494be4b1501dce060202937d1167123163fc7a3205e4e9debe1de5ce8030029e540d161f5d34d88aaed9cc852cc5739955a8

  • SSDEEP

    6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKEl5:nRDc3yWDNU+YUznzNjElWaT07NQt5

Score
10/10

Targets

    • Target

      NEAS.f1d8af84a0692c2b41a3f1781accf580.exe

    Score
    10/10
    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Sets service image path in registry

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
