Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.593bb...e0.exe

windows7-x64

10

NEAS.593bb...e0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.593bb06e8c19e547b971df37c49943e0.exe

  • Size

    3.1MB

  • Sample

    231116-na4qsacd3y

  • MD5

    593bb06e8c19e547b971df37c49943e0

  • SHA1

    73a95343a1fffb84f9798305c10d9457c477e584

  • SHA256

    de6d7da1e2cbb5ef2d7bc2523f9a8a442b30c23c10919ebad887edfecea177cf

  • SHA512

    bbc9c4c836a6686e87077508412db9ab0faffb24583db9cc2bfc3d543306ea76e98815ef1168216df93a8776ad5b9783b9810e23e9b427645f744e9c23b0278c

  • SSDEEP

    49152:ZUuBTOjZwS1Ihk+hy7iHuaRZnt+NTNLiG975:ZXRO0hkr2Rxt+ew

Score
10/10
evasionpersistencespywarestealertrojan

Malware Config

Targets

    • Target

      NEAS.593bb06e8c19e547b971df37c49943e0.exe

    • Size

      3.1MB

    • MD5

      593bb06e8c19e547b971df37c49943e0

    • SHA1

      73a95343a1fffb84f9798305c10d9457c477e584

    • SHA256

      de6d7da1e2cbb5ef2d7bc2523f9a8a442b30c23c10919ebad887edfecea177cf

    • SHA512

      bbc9c4c836a6686e87077508412db9ab0faffb24583db9cc2bfc3d543306ea76e98815ef1168216df93a8776ad5b9783b9810e23e9b427645f744e9c23b0278c

    • SSDEEP

      49152:ZUuBTOjZwS1Ihk+hy7iHuaRZnt+NTNLiG975:ZXRO0hkr2Rxt+ew

    Score
    10/10
    evasionpersistencespywarestealertrojan

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • UAC bypass

      evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks