Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.ed369...f0.exe

windows7-x64

10

NEAS.ed369...f0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.ed369e5a46b169fa1f1e0cdb99e8cbf0.exe

  • Size

    224KB

  • Sample

    231115-b37xpaaa93

  • MD5

    ed369e5a46b169fa1f1e0cdb99e8cbf0

  • SHA1

    33312d9809d67fe4cf7a4b27c19c5eb8e84b1e17

  • SHA256

    450c6671f4a83c2b9e598cff863bb400fca782222bd0ca154dd5aa6767392536

  • SHA512

    212f9e453d0eec5891e58e04b6b63d746df21f1f8c8dd1db7e16838eec71668ec5c5b2018dbe36176f138ca050ef631c10785c332c87990ec794937b54d9313f

  • SSDEEP

    3072:XC3XWoixXDncBV4X5HzKxGYCzTNyTJQC2iLzkdNtTBLqdBW7Vy3K:UixXDcU5Eh2wIdNtT4SVD

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      NEAS.ed369e5a46b169fa1f1e0cdb99e8cbf0.exe

    • Size

      224KB

    • MD5

      ed369e5a46b169fa1f1e0cdb99e8cbf0

    • SHA1

      33312d9809d67fe4cf7a4b27c19c5eb8e84b1e17

    • SHA256

      450c6671f4a83c2b9e598cff863bb400fca782222bd0ca154dd5aa6767392536

    • SHA512

      212f9e453d0eec5891e58e04b6b63d746df21f1f8c8dd1db7e16838eec71668ec5c5b2018dbe36176f138ca050ef631c10785c332c87990ec794937b54d9313f

    • SSDEEP

      3072:XC3XWoixXDncBV4X5HzKxGYCzTNyTJQC2iLzkdNtTBLqdBW7Vy3K:UixXDcU5Eh2wIdNtT4SVD

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks