Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

NEAS.765aa...c0.exe

windows7-x64

7

NEAS.765aa...c0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    17/11/2023, 19:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.765aa280d01694d4a764522d4d59d9c0.exe

  • Size

    1.7MB

  • MD5

    765aa280d01694d4a764522d4d59d9c0

  • SHA1

    c0d55dc5a0495408c72ebf5f0e48f3b02b540265

  • SHA256

    f0e9ee9f8c122409ba0f4b395c16be5a118401c5b1a8a7951834ceea1fff7d48

  • SHA512

    5320382bf429755198befb0ef0af6ba583487903d4ab1ceae2d82a27d12b8e81b4a888e0ee424ae222e2bd4bf747556c01927ee85fc7e33fd5ea940b1898e589

  • SSDEEP

    24576:65jcAkSYqyEZYTqMi8CtBd2QHCHmTBW5cANw243nFMYciSw1jKJS:gpYqQqJtb2I7ew2EFjhSmjKJS

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 13 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.765aa280d01694d4a764522d4d59d9c0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.765aa280d01694d4a764522d4d59d9c0.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    PID:904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\7-Zip\7zFM.exe-
    Filesize

    2.6MB

    MD5

    a1214b1907e2cea2f4601efd4d0a9767

    SHA1

    323f76ef0e1ec696c4bfd4cef9c593daa13b911c

    SHA256

    ca0b0539bdda0c258a9f662a3bfa5367e276c9bda6a09c8444f27a6878993a59

    SHA512

    66413ac297bd27a8f3985042f1181bde40fdf97ffe22c1969e6675c7c43c420f09a8e286526e3acde8822b935860d98dd2c8f791c43c4138601fd5ef9c0ea02d

    Download Submit

  • memory/904-2192-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-433-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-908-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-1668-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-1693-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-0-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-2347-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-3085-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-3668-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-3669-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-3670-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/904-3674-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download