Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

NEAS.01f9e...70.exe

windows7-x64

6

NEAS.01f9e...70.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    01/11/2023, 04:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.01f9eabffae3a7315a52daa26f967170.exe

  • Size

    919KB

  • MD5

    01f9eabffae3a7315a52daa26f967170

  • SHA1

    66af445a818c6e0bd2768fbfcf7856024e584166

  • SHA256

    4f011764d5d1929b9d84397991855ac9e1db16b8d6ebc590127f6dc6b7b31ead

  • SHA512

    08056d273f4ad51caafa64bc8120458193e443a80f35a6d0f436ecb67ade5481266646b769bb5257207a24da604137966d7cbf8ab58ea34de69d8308623c3756

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1DzbB:Hha8iAx+1zwjmHd6vB/jO11zzss6TQt

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Drops file in System32 directory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.01f9eabffae3a7315a52daa26f967170.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.01f9eabffae3a7315a52daa26f967170.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2952

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE
    Filesize

    928KB

    MD5

    e03240ba6086ea293151c03f4f3e3c1f

    SHA1

    40c9255704b06a9acc362d10792c8df2651144cc

    SHA256

    fa02d46f4e0d760d748b41a19320e367a8948902bf9f6c17329e9858cc55e67d

    SHA512

    e355bd8c00d33e9c37c50bdc40fe3ee25ad9c8234062222fd571f080f5f70c5316ac7c56999a9e7e946fd06c9f458ef6710b84cab1e158e8068788d22278cae8

    Download Submit

  • memory/2952-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/2952-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download