General
Target: NEAS.736d6df31b1cfc42580f818558d9cbc0.exe
Size: 227KB
Sample: 231103-tb268seb4s
MD5: 736d6df31b1cfc42580f818558d9cbc0
SHA1: 2886bcf715aabb4ec5111e6b55571c400a127fb4
SHA256: ef2c970a5722d121a2ab6cab00b8d60d68a5ff8428c6d73a1de5a85fb42bf6b5
SHA512: 0af9e0d7f14a3a161ce59a8f9db29039ef550de9831f10040f11d4393a417917f08199c90850d8a047c245f4a56ee380f46e40c6b472e92ad69cdd110b48dffa
SSDEEP: 3072:YsXRmUIMitiMQose27vc+Eld+xZp2vPRL1tT06zJoxAWBcKpSP//dwRmIBk:ZR5IuMQoseGk7RZBGxAycKpSPX2i
Static task: static1
Behavioral task: behavioral1
  Sample: NEAS.736d6df31b1cfc42580f818558d9cbc0.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: NEAS.736d6df31b1cfc42580f818558d9cbc0.exe
  Resource: win10v2004-20231020-en
Malware Config
Targets
Target: NEAS.736d6df31b1cfc42580f818558d9cbc0.exe
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2