General

  • Target

    NEAS.c57ead958ef99c2b4c140baa6ce333c0.exe

  • Size

    21KB

  • Sample

    231117-a2nlzscd22

  • MD5

    c57ead958ef99c2b4c140baa6ce333c0

  • SHA1

    6bac44ca490c20f8600950e37bfe85285b4de282

  • SHA256

    f64f4c98c3ed3b6bddd386825eb449cbec31bb25a84729b768295f88402b7677

  • SHA512

    279d05564714e099574671cd9466002a443f6efe32cb21f066845ddd9f0a1fd9e67c7bad9ffa456905d1aec09773dfd429b5adc174d80e7f5f3bbcb3d5f2d35e

  • SSDEEP

    384:jIz4sOPwP1mSKBmjpLxoYiekKrYGsUikOPkxOXayYl6mMyIzpegjX:jIUsddqUj4YilKrz4Pk4pYI9D

Malware Config

Targets

    • Target

      NEAS.c57ead958ef99c2b4c140baa6ce333c0.exe

    • Size

      21KB

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks