General

  • Target

    NEAS.7d652a1374b838d985eabef0e78199b0.exe

  • Size

    19KB

  • Sample

    231104-jz5bdsff45

  • MD5

    7d652a1374b838d985eabef0e78199b0

  • SHA1

    19c61eaf6d9cb56aea25bc989287a4f8d43b8599

  • SHA256

    252cfd35b7303b91369dd00c1a0d5ab8b4cf208018e40d14656e3069c8e464bc

  • SHA512

    c30cee59a39185c1f88dab26fbed8f9cd8f9a73b5c27aef0cb03561747213ace07e6a319204366d400caee5108b2366e4d4b4789f4ea1339222e0b0a8db34ed3

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvXK0:rRkiLw3HsDSARGG/60

Targets

    • Target

      NEAS.7d652a1374b838d985eabef0e78199b0.exe

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
