General

  • Target

    NEAS.762ce72eed847280113ec690c9992970.exe

  • Size

    660KB

  • Sample

    231107-xrle7sdg2x

  • MD5

    762ce72eed847280113ec690c9992970

  • SHA1

    bfae6f5d06969d73de02b977bc233c98921eeeb1

  • SHA256

    7f101603fbb2821504cf2c71fca0450689dfcd6d1f36e57e27f0392be0f2d1dd

  • SHA512

    a00c47ff4dcdb0fcf0a1fe6fddd05ba13b6bbe44923018142e8c37fd90a9bdb756c9012b8610231512db6efd33583c4e42d295bc57f5d380a968c8acc514318c

  • SSDEEP

    12288:SMrzy904l2PWhiqJWsf5oUK+ktPwlytEOJuNTSZXlvrAxM:JyzhiqIuik8BqOJITQsxM

Targets

    • Target

      NEAS.762ce72eed847280113ec690c9992970.exe

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
