Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.52e6873faed9c27983bb4ed9ed6a9e50.exe

  • Size

    92KB

  • Sample

    231103-ql1jlsdc84

  • MD5

    52e6873faed9c27983bb4ed9ed6a9e50

  • SHA1

    6cbc68c018cfbbcbf2ece8063eefb665ad8d001b

  • SHA256

    0294aa8670f06445d963a77147c98753bc9160b5da0cf27cc88f9f80ab08897e

  • SHA512

    f1a1ec0283802b039945ce1f44df1a100b3f5155156c0fc79088f14617ec12929a161d41c6e900790b2fb31d27bda149c40fa5eca79d9c61c388618a054bf3f2

  • SSDEEP

    768:eweJK9nvPCasW0QWH8cnW0ecO7fchJh51cTDge1VY/q45C2T1G+mt5QDbn0Pb:ew68cn3ZeMaauCDbn0z

Score
10/10

Malware Config

Targets

    • Target

      NEAS.52e6873faed9c27983bb4ed9ed6a9e50.exe

    • Size

      92KB

    • MD5

      52e6873faed9c27983bb4ed9ed6a9e50

    • SHA1

      6cbc68c018cfbbcbf2ece8063eefb665ad8d001b

    • SHA256

      0294aa8670f06445d963a77147c98753bc9160b5da0cf27cc88f9f80ab08897e

    • SHA512

      f1a1ec0283802b039945ce1f44df1a100b3f5155156c0fc79088f14617ec12929a161d41c6e900790b2fb31d27bda149c40fa5eca79d9c61c388618a054bf3f2

    • SSDEEP

      768:eweJK9nvPCasW0QWH8cnW0ecO7fchJh51cTDge1VY/q45C2T1G+mt5QDbn0Pb:ew68cn3ZeMaauCDbn0z

    Score
    10/10
    • Modifies visiblity of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks