General

  • Target

    NEAS.279fca2fb9903b7be96c3cadc7ef3a50.exe

  • Size

    458KB

  • Sample

    231101-q8gd9acd84

  • MD5

    279fca2fb9903b7be96c3cadc7ef3a50

  • SHA1

    e169f06c121656afcd28fbe0f90cd4565fc31c27

  • SHA256

    f2a3a9f378db287bdd6aeb8c68e8e6dbb4c544d01a7e48ce58f4c9f29b5e4b7b

  • SHA512

    c500b449dee51f63d1fe621987e4bd69e0e6718f07ede27ec13f1d562719819b4f5d58ed6be6c8ee2e2a4e2d0a86b9e0464c9d3c592933d3e83f61eb892654df

  • SSDEEP

    6144:/pW2bgbbV28okoS1oWMkdlZQ5iioct0IwdNOuLcktJFksISWmSILKxrj:/pW2IoioS6jsk

Targets

    • Target

      NEAS.279fca2fb9903b7be96c3cadc7ef3a50.exe

    • UAC bypass

    • Disables Task Manager via registry modification

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Modifies file permissions

    • Modifies system executable filetype association

    • Drops file in System32 directory
