General
Target: NEAS.f8624b0e9883ba5023b9e7e031f6fd40.exe
Size: 2.0MB
Sample: 231118-adp5xagh9t
MD5: f8624b0e9883ba5023b9e7e031f6fd40
SHA1: 1be2ca2d0b56a8c1109c4f6a4f9416f161e6af07
SHA256: 0d8abbe502d44187214519c2e89a1ca0ae77e32d95d1678dc1aca4f03fc2ab8d
SHA512: 329b3cfebdba39071adce1e2b5097d40050aed148767a896f62af5eb37b61458adbfd0b90fc1e20e28b969674566ec015e8d6ef41b0bc4386bc9c5da4bfde800
SSDEEP: 49152:VnsHyjtk2MYC5GDrK783MoXnFv3dcj7q5LsLp3CceMuczXre:Vnsmtk2a6K78HXnl3dcj7q5KpyceMuc+
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.f8624b0e9883ba5023b9e7e031f6fd40.exe
Resource
win7-20231023-en
Malware Config
Targets
-
-
Target
NEAS.f8624b0e9883ba5023b9e7e031f6fd40.exe
- Downloads MZ/PE file
- Modifies Installed Components in the registry
- Sets file execution options in registry
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.