General

  • Target

    NEAS.491a4400f0081e9c71ed75e09f020480_JC.exe

  • Size

    309KB

  • Sample

    231101-j5rmgscg7x

  • MD5

    491a4400f0081e9c71ed75e09f020480

  • SHA1

    44c94a071e69d06a55be61f75a0181c7cf6ebddb

  • SHA256

    b6f63ae9465da430f945f0c70b35b5ae222981229f001a96d2676d118e5ef050

  • SHA512

    8ec589baddbb55c57ce2bb670a4fe595dd4fc1eedde4a7f1583b5dc69754d0ad89bbe468aff9c0d1f5a87748ed03f3ded8e1b1a40ea4b7c8f11ff144441e6392

  • SSDEEP

    3072:LdEUfKj8BYbDiC1ZTK7sxtLUIGYDU9q3XRrMBEGltj95y6hsYDRduAuCBEBJ/Py:LUSiZTK40Y6

Score
7/10
upx

Targets

    • Target

      NEAS.491a4400f0081e9c71ed75e09f020480_JC.exe

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
