General

  • Target

    NEAS.02b70a97c3c0b99ccf84ab7ffe3be600.exe

  • Size

    293KB

  • Sample

    231112-lpap5sfa39

  • MD5

    02b70a97c3c0b99ccf84ab7ffe3be600

  • SHA1

    d93886c2b4a2901be15c0469c8ad4adb4c3d53e6

  • SHA256

    b525eb7207acc2739513e6996df64c569151be26ea3e4dfaa73c2df4c215d311

  • SHA512

    8fff2c644f0c8caa3863d17e5c9c6cf0c50463b6a47796660bf8bbdda03e273500af6babe7bdae39637ae704149b4bd4be0b28321b3bc31f0d75e73a731d8862

  • SSDEEP

    3072:AygCullUQN7gsBh1L1QygCullUQN7gsBh1L12:ARleK7712RleK771o

Score
10/10

Targets

    Score
    10/10
    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
