Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

NEAS.aae88...40.exe

windows7-x64

1

NEAS.aae88...40.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    158s
  • max time network
    171s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/11/2023, 14:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.aae8808d2883f5ba5a90f53c8460bb40.exe

  • Size

    14KB

  • MD5

    aae8808d2883f5ba5a90f53c8460bb40

  • SHA1

    3b68b8ebe24ae78cfcfb1970414fca5d132439ec

  • SHA256

    b095255240074c059cf26d4160753e1a91421cd8b9531aa5e54d026b630086ce

  • SHA512

    e4f59e7b86259de11308ad0b07ed38414d528f8ab928d7b5f77869d22920bc7d57188d8d41e556b622a565c54da7ad2eda2a3c8514e113cf6b6f02881cf148ea

  • SSDEEP

    192:dbM/nvxmqLWoC8PoawZqFkJOGm4qoEhmXmXmXmXmX5ddbrL69EiXAqDE045HQ:dbM/vxdCpapkJOGmN2f69EifDE045H

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.aae8808d2883f5ba5a90f53c8460bb40.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.aae8808d2883f5ba5a90f53c8460bb40.exe"
    1⤵
      PID:4756
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:4080
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:4016

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        97e3f752600b835e2a43fc2713ad455a

        SHA1

        ad0ac8b4b2a759a962349766158465df41766520

        SHA256

        2e3ac0a3043744df446e060210503f5108be248644e84e6b684f6d3680a46317

        SHA512

        653da819a6d96bb2b04198556de395d4d291313532685bc2b2e31659823b14707a7c826584969e1e057c5733b4beb211774f156c202a783d5a69799c615619e1

        Download Submit

      • memory/4016-42-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-39-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-33-0x000002A23E510000-0x000002A23E511000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-34-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-35-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-36-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-37-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-43-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-69-0x000002A23E3B0000-0x000002A23E3B1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-40-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-17-0x000002A235F40000-0x000002A235F50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4016-41-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-38-0x000002A23E540000-0x000002A23E541000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-44-0x000002A23E160000-0x000002A23E161000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-45-0x000002A23E150000-0x000002A23E151000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-47-0x000002A23E160000-0x000002A23E161000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-50-0x000002A23E150000-0x000002A23E151000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-53-0x000002A23E090000-0x000002A23E091000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-1-0x000002A235E40000-0x000002A235E50000-memory.dmp

        Filesize

        64KB

        Download

      • memory/4016-65-0x000002A23E290000-0x000002A23E291000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-67-0x000002A23E2A0000-0x000002A23E2A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4016-68-0x000002A23E2A0000-0x000002A23E2A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/4756-0-0x0000000000400000-0x000000000040A000-memory.dmp

        Filesize

        40KB

        Download