Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    NEAS.b7f6571e7840d038ee822063b3334b2d.exe

  • Size

    19KB

  • Sample

    231117-s8v9hsbf2v

  • MD5

    b7f6571e7840d038ee822063b3334b2d

  • SHA1

    17e18ca71ae6dbd765d71c6dd99a62cc19b556a1

  • SHA256

    aee83b2c9c5d725e0e617d3e3e6b357bebccacada5bbb9e6b7e4a779f48d93d1

  • SHA512

    1376c97c616b8d8b2fadb5f62a0acf421ce9f5fc30be25da2cc5f760d75fadb9a87af20697e03d7aef39c13b0bf51c2805ac3046f9e357bf2f4291f7bce4ba85

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+fad3S:rRkiLw3HsDSARGG/uR

Malware Config

Targets

    • Target

      NEAS.b7f6571e7840d038ee822063b3334b2d.exe

    • Size

      19KB

    • MD5

      b7f6571e7840d038ee822063b3334b2d

    • SHA1

      17e18ca71ae6dbd765d71c6dd99a62cc19b556a1

    • SHA256

      aee83b2c9c5d725e0e617d3e3e6b357bebccacada5bbb9e6b7e4a779f48d93d1

    • SHA512

      1376c97c616b8d8b2fadb5f62a0acf421ce9f5fc30be25da2cc5f760d75fadb9a87af20697e03d7aef39c13b0bf51c2805ac3046f9e357bf2f4291f7bce4ba85

    • SSDEEP

      384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+fad3S:rRkiLw3HsDSARGG/uR

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks