Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

NEAS.66ee4...40.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/11/2023, 05:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.66ee414aea220e37de34d85eb207dd40.exe

  • Size

    407KB

  • MD5

    66ee414aea220e37de34d85eb207dd40

  • SHA1

    872a052d3d888ad8543f54115318105c9910aa0c

  • SHA256

    db5500dbcc8423f01642cea52aa08c5f4a369421a740ce38f40d10d1e135184a

  • SHA512

    3eaab021e6292b39c2a056b458aff58f2b0963a677dffd04be81067f482b61950a0d24a8ef91f9fd0a3a567b5b354a9f7ee65dec0aca3892af5ccbcc8998deb4

  • SSDEEP

    12288:gxETh9t9h0TnWxKhph5hphxjYWktLpm1EwtLpm1ETYBjvrEH74:mETh9t9h0HktLpwbtLpwIqrEH74

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.66ee414aea220e37de34d85eb207dd40.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.66ee414aea220e37de34d85eb207dd40.exe"
    1⤵
      PID:1992
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:3852
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3764

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        6186b5e59e26126acaf3e02448fb3e83

        SHA1

        6591f1f7a1f859a630c16c4ed8644c9246026a8c

        SHA256

        f04eb05de9a7f452186c312ba7f9ce0ea0a6750d72d6e2c388172c50067ce898

        SHA512

        84b8ee8afd0847fe9dec0ec4d1418d27ef2a68bcd032cd178bef31b24fa2041247ffb3f13ce25ad150111dac78c4376ea0cf407fbba1f4d6f24f479329a1524a

        Download Submit

      • memory/3764-40-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-42-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-33-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-34-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-35-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-36-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-37-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-38-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-39-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-43-0x000001E7B9BB0000-0x000001E7B9BB1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-32-0x000001E7B9F60000-0x000001E7B9F61000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-41-0x000001E7B9F80000-0x000001E7B9F81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-0-0x000001E7B1870000-0x000001E7B1880000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3764-44-0x000001E7B9BA0000-0x000001E7B9BA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-46-0x000001E7B9BB0000-0x000001E7B9BB1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-49-0x000001E7B9BA0000-0x000001E7B9BA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-52-0x000001E7B9AE0000-0x000001E7B9AE1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-16-0x000001E7B1970000-0x000001E7B1980000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3764-64-0x000001E7B9CE0000-0x000001E7B9CE1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-66-0x000001E7B9CF0000-0x000001E7B9CF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-67-0x000001E7B9CF0000-0x000001E7B9CF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3764-68-0x000001E7B9E00000-0x000001E7B9E01000-memory.dmp

        Filesize

        4KB

        Download