General
Target: NEAS.fe41a939dd3c2f2eb8833681289a5700.exe
Size: 3.9MB
Sample: 231112-lpap5sfa43
MD5: fe41a939dd3c2f2eb8833681289a5700
SHA1: de69c02e8209acba4e0fed9ed3cfaa4ea0e742e0
SHA256: ff8f94fc24dbbeecf0efb07da1cebc0ec0359e1d7a9cf3b898acb543f29fba68
SHA512: 4480660484ec38a8e82ba5f33e61704548826f31ff04aa624c05fad09909538bbf83e405504a011e13b289603d06d1cfce0efe403c22b7403ecfab7c9a31ed71
SSDEEP: 98304:MtBS4neHvZjiEO5Ihd1T5HqDXJqNjpzS3vv3jirr3jjWiTaOvifviOrF:crnevd1NHqDXJqNj4
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.fe41a939dd3c2f2eb8833681289a5700.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: NEAS.fe41a939dd3c2f2eb8833681289a5700.exe
Resource: win10v2004-20231023-en
Malware Config
Targets
Target: NEAS.fe41a939dd3c2f2eb8833681289a5700.exe
Score: 7/10

Executes dropped EXE

Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.