General

  • Target

    NEAS.f28d04b2c360090d14406da06e074dd0_JC.exe

  • Size

    474KB

  • Sample

    231103-h75fpadg8y

  • MD5

    f28d04b2c360090d14406da06e074dd0

  • SHA1

    a25bb3ef66901953a74158c92db8222a8f207480

  • SHA256

    429ae58fec755e4c91b8888e08d74401786d8869a89899e5d2ba0a542eceb709

  • SHA512

    3c5b69ec08a4c2af7ab872a7fe00a2041dd57175ebbf84909921e7ff8afac78a93f51e412cf204753674df34b1f7c565a282c0e9d778684e45214e018c0417fb

  • SSDEEP

    6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKEl6:nRDc3yWDNU+YUznzNjElWaT07NQt6

Score
10/10

Targets

    • Target

      NEAS.f28d04b2c360090d14406da06e074dd0_JC.exe

    Score
    10/10
    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Sets service image path in registry

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
