Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.bd512...10.exe

windows7-x64

10

NEAS.bd512...10.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    81s
  • max time network
    180s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/11/2023, 09:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.bd512653faade6bb365d077d1b7a0410.exe

  • Size

    280KB

  • MD5

    bd512653faade6bb365d077d1b7a0410

  • SHA1

    4061759d0861c292bc37d1c4c9a0456458255db8

  • SHA256

    36f6bd809c5acad2129682600ab3ed12482709c72922e8cf72163a4be03f26ad

  • SHA512

    a2774736e0bf7776f5478bff39fede73b5337eb9d0518f5d4879bebd8c70f4d8bd4ee90bd859e1a0185e0f1a519c8778f8c009925f87b04cc4b393aa0b097df9

  • SSDEEP

    3072:Da+SiHOPiu8aQb3TqDUCiGjHJDbRv9y+qwa+rZf/MVBXx1:zSiHOq3TqD+0HBb5ta+rZ3MTL

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.bd512653faade6bb365d077d1b7a0410.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.bd512653faade6bb365d077d1b7a0410.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4168
    • C:\Users\Admin\jiogeom.exe
      "C:\Users\Admin\jiogeom.exe"
      2⤵
        PID:4040

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\jiogeom.exe
      Filesize

      280KB

      MD5

      0699a44cb199528bb665c693c568ca2e

      SHA1

      7aa7807d14e93a37e19b184d4bb2d0eb55a65568

      SHA256

      f35fca6c48d5a05a02951cae96891915b65ccffe928438bee2b36e3f2828917c

      SHA512

      af835928970896553d971175a33558391361bfe3de767937c07361fc8e4adba6ee30e5940a7a0a688f28970b629eeac1494c5b6993e075a49f9c200859779b79

      Download Submit

    • C:\Users\Admin\jiogeom.exe
      Filesize

      280KB

      MD5

      0699a44cb199528bb665c693c568ca2e

      SHA1

      7aa7807d14e93a37e19b184d4bb2d0eb55a65568

      SHA256

      f35fca6c48d5a05a02951cae96891915b65ccffe928438bee2b36e3f2828917c

      SHA512

      af835928970896553d971175a33558391361bfe3de767937c07361fc8e4adba6ee30e5940a7a0a688f28970b629eeac1494c5b6993e075a49f9c200859779b79

      Download Submit

    • C:\Users\Admin\jiogeom.exe
      Filesize

      280KB

      MD5

      0699a44cb199528bb665c693c568ca2e

      SHA1

      7aa7807d14e93a37e19b184d4bb2d0eb55a65568

      SHA256

      f35fca6c48d5a05a02951cae96891915b65ccffe928438bee2b36e3f2828917c

      SHA512

      af835928970896553d971175a33558391361bfe3de767937c07361fc8e4adba6ee30e5940a7a0a688f28970b629eeac1494c5b6993e075a49f9c200859779b79

      Download Submit