Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

NEAS.fdfaa...JC.exe

windows7-x64

7

NEAS.fdfaa...JC.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.fdfaab7427b35dc8735d8a4e24189d80_JC.exe

  • Size

    110KB

  • Sample

    231105-gnaarsbe4v

  • MD5

    fdfaab7427b35dc8735d8a4e24189d80

  • SHA1

    67c7e025812315666c5a429aea00460056742ae0

  • SHA256

    8b27833aaab6444ac102da2afe6b2b6ab9a9104263fc4f9e4e0ebaa7af106f0c

  • SHA512

    707d76a4f2b3fbc2e7a9fc332f1526b5b91a01028a5e0d095680fac309a163b35774fa77452eb3480bcd9931c244b023234332fb676c594e93b7607b10d48c7f

  • SSDEEP

    1536:ELNIW39SaZTbFARlq7jC1OZstZu0TSVEdUJWTWd18f9:ELlbZTZX3BAtTSVEdUJWTWd18f9

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      NEAS.fdfaab7427b35dc8735d8a4e24189d80_JC.exe

    • Size

      110KB

    • MD5

      fdfaab7427b35dc8735d8a4e24189d80

    • SHA1

      67c7e025812315666c5a429aea00460056742ae0

    • SHA256

      8b27833aaab6444ac102da2afe6b2b6ab9a9104263fc4f9e4e0ebaa7af106f0c

    • SHA512

      707d76a4f2b3fbc2e7a9fc332f1526b5b91a01028a5e0d095680fac309a163b35774fa77452eb3480bcd9931c244b023234332fb676c594e93b7607b10d48c7f

    • SSDEEP

      1536:ELNIW39SaZTbFARlq7jC1OZstZu0TSVEdUJWTWd18f9:ELlbZTZX3BAtTSVEdUJWTWd18f9

    Score
    7/10
    persistenceupx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks