General
-
Target
NEAS.593bb06e8c19e547b971df37c49943e0.exe
-
Size
3.1MB
-
Sample
231116-na4qsacd3y
-
MD5
593bb06e8c19e547b971df37c49943e0
-
SHA1
73a95343a1fffb84f9798305c10d9457c477e584
-
SHA256
de6d7da1e2cbb5ef2d7bc2523f9a8a442b30c23c10919ebad887edfecea177cf
-
SHA512
bbc9c4c836a6686e87077508412db9ab0faffb24583db9cc2bfc3d543306ea76e98815ef1168216df93a8776ad5b9783b9810e23e9b427645f744e9c23b0278c
-
SSDEEP
49152:ZUuBTOjZwS1Ihk+hy7iHuaRZnt+NTNLiG975:ZXRO0hkr2Rxt+ew
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.593bb06e8c19e547b971df37c49943e0.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.593bb06e8c19e547b971df37c49943e0.exe
Resource
win10v2004-20231025-en
Malware Config
Targets
-
-
Target
NEAS.593bb06e8c19e547b971df37c49943e0.exe
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Boot or Logon Autostart Execution: 1
Winlogon Helper DLL: 1