General

  • Target

    NEAS.24cb85843b03e33b3ca7f79d8f480c70.exe

  • Size

    119KB

  • Sample

    231101-q79dmsad8w

  • MD5

    24cb85843b03e33b3ca7f79d8f480c70

  • SHA1

    a972a3b5839da7ab39b5ec9bf709772b22cb1c5e

  • SHA256

    17c45d5ddfca05a12d3186b94132f274b92631dd6ab1e8d9c32646d552f02864

  • SHA512

    15fabcdca8c0670d5c115cf9c68c227af781449f9e68caa89317cb78e75370b474ab86502c8e66852f104208e50e0b1fc960d647d0a1cb52c07476a7bfc4d712

  • SSDEEP

    3072:jamIhkA8XLFxao6/wQUFt232MfB319sYXjmtQkisEz:dIhkA87X6wdFcD9DzmtQka

Score
8/10

Targets

    • Target

      NEAS.24cb85843b03e33b3ca7f79d8f480c70.exe

    Score
    8/10
    • Contacts a large (501) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Deletes itself

    • Executes dropped EXE

    • Drops file in System32 directory
