General

  • Target

    NEAS.24703392bce5edb54562453525de5070.exe

  • Size

    213KB

  • Sample

    231101-q78gcaad7t

  • MD5

    24703392bce5edb54562453525de5070

  • SHA1

    6c941bf85f22eba460b4018344903a7fc6138c5d

  • SHA256

    69746e8f859db65975d72431b1832308e5f810f87d128a7fd2748ed31dd4f00a

  • SHA512

    bce725957b0d76e61e6c0b9fa38202898cecb9961f015606a8dd718cd5dd904021ebfd13936452824739750dfb2b7c4578d0354c33c0a5c7eb84f1046e4a5e38

  • SSDEEP

    3072:xVHgCc4xGvbwcU9KQ2BBAHmaPxNVokb5E6:ECc4xGxWKQ2Bonx9

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      NEAS.24703392bce5edb54562453525de5070.exe

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
