Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

NEAS.148d9...30.exe

windows7-x64

7

NEAS.148d9...30.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    15/11/2023, 07:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.148d9279463210ed1d310e60eae87630.exe

  • Size

    433KB

  • MD5

    148d9279463210ed1d310e60eae87630

  • SHA1

    ad13f425c96667a816de4f19c9adfd5dc5274c41

  • SHA256

    307b8cffb185fe4bb1a4c24b18fdc96480a16812bf39b8c78ad8d5de5166977d

  • SHA512

    c69fffb235519e23342f49f7eef6cfdb565c4e14c811a9e0ace76b9d620a8588b00f00615768855d491b09aaea5275a68b5e98a4501c95b0da61f581cbce10aa

  • SSDEEP

    6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtvDyPsTcpNmEImIR2pZKx0avxkLeBs7tb0yvt:Ci4g+yU+0pAiv+JXGple2Gfu6B4SvKn

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.148d9279463210ed1d310e60eae87630.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.148d9279463210ed1d310e60eae87630.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2120
    • C:\Users\Admin\AppData\Local\Temp\7E06.tmp
      "C:\Users\Admin\AppData\Local\Temp\7E06.tmp" --helpC:\Users\Admin\AppData\Local\Temp\NEAS.148d9279463210ed1d310e60eae87630.exe AEE954597A7E32FDDCE035F287C2B5665379D4B3B0D711D85EBFD7FE274D70B5B71F08730B4D214832E555D3A9A21469B404876B9D9CD2CE30A5D58979692053
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7E06.tmp
    Filesize

    433KB

    MD5

    2777d2bca10431800a66bcc7ee487f66

    SHA1

    0a860ab323ad51007b90d2650513ebd8ede3448a

    SHA256

    ecc3d25ede30228132f02aacf8505f06f8ab3b6448bd0d83d28f5d8df7e7d4be

    SHA512

    62848e53d30ceb90773c7d74bc58d2b61e307658471d6682ddb33a2752431dcda50fa26f3a705a2990d0d699ec7c2910a40d1f8ae6e43fbeb9c407ab0a8181cf

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7E06.tmp
    Filesize

    433KB

    MD5

    2777d2bca10431800a66bcc7ee487f66

    SHA1

    0a860ab323ad51007b90d2650513ebd8ede3448a

    SHA256

    ecc3d25ede30228132f02aacf8505f06f8ab3b6448bd0d83d28f5d8df7e7d4be

    SHA512

    62848e53d30ceb90773c7d74bc58d2b61e307658471d6682ddb33a2752431dcda50fa26f3a705a2990d0d699ec7c2910a40d1f8ae6e43fbeb9c407ab0a8181cf

    Download Submit