Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.3aa15...d0.exe

windows7-x64

10

NEAS.3aa15...d0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.3aa153304f53a2ea33e4c74a4ad07dd0.exe

  • Size

    211KB

  • Sample

    231117-2xwwcafb87

  • MD5

    3aa153304f53a2ea33e4c74a4ad07dd0

  • SHA1

    620eb2916f6c484e6ddc95932e8ef7b3720a137f

  • SHA256

    91e8a25e056ef3d6d6c733170ba9ae92e2dac95866c2c7ef865eb97cf77b91b1

  • SHA512

    b16947b8f6b7558dc410657032722520dc9b7491045763ca071133b358904b15a795017d99adba66ea08843f2094951b137335456776a6e21f8fcbf81fc6af8a

  • SSDEEP

    3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1Fqnj:b1iNKQxENHLfMgw7y9Zrs

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      NEAS.3aa153304f53a2ea33e4c74a4ad07dd0.exe

    • Size

      211KB

    • MD5

      3aa153304f53a2ea33e4c74a4ad07dd0

    • SHA1

      620eb2916f6c484e6ddc95932e8ef7b3720a137f

    • SHA256

      91e8a25e056ef3d6d6c733170ba9ae92e2dac95866c2c7ef865eb97cf77b91b1

    • SHA512

      b16947b8f6b7558dc410657032722520dc9b7491045763ca071133b358904b15a795017d99adba66ea08843f2094951b137335456776a6e21f8fcbf81fc6af8a

    • SSDEEP

      3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1Fqnj:b1iNKQxENHLfMgw7y9Zrs

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Modifies Installed Components in the registry

      persistence

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks