General

  • Target

    NEAS.cca07854244b684693da069372a872b0.exe

  • Size

    1.7MB

  • Sample

    231117-z32bxaeb66

  • MD5

    cca07854244b684693da069372a872b0

  • SHA1

    ebc4e52a7c3af133b76ad428601ef27f8ef3deb5

  • SHA256

    9b551b9cac5bcb6d923499b02a101729d741593a980f72ad8b064260409081e4

  • SHA512

    a4438339cee7c0550a64be8eb20a40567b35aa792c32b017289a2275a6e4d8b63436fd42ef926b608cdc6f5724a8680ddf4098f0e9bf5c2eb3cfc166765292c9

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXBPFB:NABv

Score
10/10

Targets

    • Target

      NEAS.cca07854244b684693da069372a872b0.exe


    Score
    10/10
    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2
