General

  • Target

    NEAS.736d6df31b1cfc42580f818558d9cbc0.exe

  • Size

    227KB

  • Sample

    231103-tb268seb4s

  • MD5

    736d6df31b1cfc42580f818558d9cbc0

  • SHA1

    2886bcf715aabb4ec5111e6b55571c400a127fb4

  • SHA256

    ef2c970a5722d121a2ab6cab00b8d60d68a5ff8428c6d73a1de5a85fb42bf6b5

  • SHA512

    0af9e0d7f14a3a161ce59a8f9db29039ef550de9831f10040f11d4393a417917f08199c90850d8a047c245f4a56ee380f46e40c6b472e92ad69cdd110b48dffa

  • SSDEEP

    3072:YsXRmUIMitiMQose27vc+Eld+xZp2vPRL1tT06zJoxAWBcKpSP//dwRmIBk:ZR5IuMQoseGk7RZBGxAycKpSPX2i

Score
7/10

Targets

    • Target

      NEAS.736d6df31b1cfc42580f818558d9cbc0.exe

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
