General
Target: NEAS.497c703002250e05da75df461c3abe10_JC.exe
Size: 120KB
Sample: 231104-zh7cesgg84
MD5: 497c703002250e05da75df461c3abe10
SHA1: 970cc6a10c30f287fbea64f3ef43a3f434dbd5d6
SHA256: 2848230b3fee8839522d26325c2ab483dccc673abcd54ed26034dcafad42b35b
SHA512: 58838b8676c97b71178cd85d4f34a0b663544839dea615f049837fa31c652ed998a8206f2e1eb9a49caa5d72ab3ee18ecaca8ca9295a357c5231773f645078ce
SSDEEP: 1536:+afsUrDdlnvTbabOyTnaGEvr1CQQ5+ZZCNHsoI0Ls1j0H7XgzOoASDSdRYP:+kndln2FTaLRJc+v0qos4H7Xgfh
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.497c703002250e05da75df461c3abe10_JC.dll
Resource: win7-20231023-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: NEAS.497c703002250e05da75df461c3abe10_JC.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (3)
    Disable or Modify Tools (3)
  Modify Registry (5)