General
-
Target
NEAS.0ff02e578b946881a6f80a1c511dc890.exe
-
Size
317KB
-
Sample
231101-q6zstabf33
-
MD5
0ff02e578b946881a6f80a1c511dc890
-
SHA1
99cafeb256475dfe4809dab942092b3095f7e1b7
-
SHA256
965c8ad9a47a0c82ceef371c2f6915573a536548368cca39c86c6bb3fb7f7cb3
-
SHA512
9091c2e388108160b59d8a60c047cd1c815c7885553fc1502ee211ed4f7d6131e508c2222721fcb8166fb8e78660485a1b881e8341bb4ebf4d49af56f8840493
-
SSDEEP
6144:MVXm4i6pO0v/YBxK8eFLj3qJ5/TX2oK/aQq:Ms4++8ijaJRO/y
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.0ff02e578b946881a6f80a1c511dc890.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.0ff02e578b946881a6f80a1c511dc890.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
-
-
Target
NEAS.0ff02e578b946881a6f80a1c511dc890.exe
Score
7/10
-
Deletes itself
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Suspicious use of SetThreadContext
-