Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

NEAS.765aa...c0.exe

windows7-x64

7

NEAS.765aa...c0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231025-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231025-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/11/2023, 19:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.765aa280d01694d4a764522d4d59d9c0.exe

  • Size

    1.7MB

  • MD5

    765aa280d01694d4a764522d4d59d9c0

  • SHA1

    c0d55dc5a0495408c72ebf5f0e48f3b02b540265

  • SHA256

    f0e9ee9f8c122409ba0f4b395c16be5a118401c5b1a8a7951834ceea1fff7d48

  • SHA512

    5320382bf429755198befb0ef0af6ba583487903d4ab1ceae2d82a27d12b8e81b4a888e0ee424ae222e2bd4bf747556c01927ee85fc7e33fd5ea940b1898e589

  • SSDEEP

    24576:65jcAkSYqyEZYTqMi8CtBd2QHCHmTBW5cANw243nFMYciSw1jKJS:gpYqQqJtb2I7ew2EFjhSmjKJS

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 16 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in System32 directory 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.765aa280d01694d4a764522d4d59d9c0.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.765aa280d01694d4a764522d4d59d9c0.exe"
    1⤵
    • Drops file in System32 directory
    • Drops file in Program Files directory
    • Drops file in Windows directory
    PID:3452

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\odt\office2016setup.exe-
    Filesize

    6.8MB

    MD5

    1afa023c4e1db4834713a39435e58dd0

    SHA1

    21b595d3684dd557dc85150efd81c4abe643d51d

    SHA256

    a76478999e32ba1619254be2b4eebd28818f6da1966b25d26d7da6043ed75dea

    SHA512

    a341d06d223e1a486b981964a833a0c0c9d423cdc087892ea8fd305611ed74cc71f2483430960a86ddce4716500274a502445a53230c04f2c505df5ff34d7f54

    Download Submit

  • memory/3452-1641-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-3828-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-1036-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-1355-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-1360-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-1554-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-402-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-2429-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-1635-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-2862-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-0-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-4267-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-4268-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-4269-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/3452-4270-0x0000000000400000-0x000000000040F000-memory.dmp

    Filesize

    60KB

    Download