General

  • Target

    NEAS.9615548690563c4e2d46a44fb4970d70.exe

  • Size

    3.0MB

  • Sample

    231028-ypr1mshc4t

  • MD5

    9615548690563c4e2d46a44fb4970d70

  • SHA1

    72b93c2bc1050b725fcb3975842f96ad0362609d

  • SHA256

    47a85b40116a374660e675def74714a4f392ecde2a9c466c57f2de0450176b69

  • SHA512

    b7905c5cab5bbc32df7c65c61e1643e7bf6686ba1f797b9d2022e93bedf68463ad6038ab077336bb0532fab9a405b200efd5016b4c9288db948acb76780e82c4

  • SSDEEP

    49152:j495UciMmq/NhjX5p3JOCdLAweZnE5c965nqqIP2Itdf:jk5LhzACdLAlnE5co5nqqIP2Itdf

Malware Config

Targets

    • Target

      NEAS.9615548690563c4e2d46a44fb4970d70.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks