Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.da0aa478d1e20da9ff1067ef91727470_JC.exe
-
Size
197KB
-
Sample
231103-eg1s2abf8z
-
MD5
da0aa478d1e20da9ff1067ef91727470
-
SHA1
57e22d346a6a91aece6de1dca0c930dd7e3648df
-
SHA256
aa5598a6a2fdc5b313e32ba137b11a7ba7e003829829d933d5f014ccf0db96b8
-
SHA512
2fe328545dcbe1909a29010168e091547dec4e9c1ac83ec1bae6913b977f4f2ba080b67ee78cbf1c854c3352ccb036efa8a12c1bb84dcafe4eceb42e06022455
-
SSDEEP
3072:KhS7VD4/EnzzMUD8u8EC45xRS5b7lIf3GYHfqR1hAtTD5DyXglREK0c:dOizzb8uDxZCHlIZgEh5DyXglh
Behavioral task
behavioral1
Sample
NEAS.da0aa478d1e20da9ff1067ef91727470_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.da0aa478d1e20da9ff1067ef91727470_JC.exe
Resource
win10v2004-20231020-en
Malware Config
Targets
-
-
Target
NEAS.da0aa478d1e20da9ff1067ef91727470_JC.exe
-
Size
197KB
-
MD5
da0aa478d1e20da9ff1067ef91727470
-
SHA1
57e22d346a6a91aece6de1dca0c930dd7e3648df
-
SHA256
aa5598a6a2fdc5b313e32ba137b11a7ba7e003829829d933d5f014ccf0db96b8
-
SHA512
2fe328545dcbe1909a29010168e091547dec4e9c1ac83ec1bae6913b977f4f2ba080b67ee78cbf1c854c3352ccb036efa8a12c1bb84dcafe4eceb42e06022455
-
SSDEEP
3072:KhS7VD4/EnzzMUD8u8EC45xRS5b7lIf3GYHfqR1hAtTD5DyXglREK0c:dOizzb8uDxZCHlIZgEh5DyXglh
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1