General

  • Target

    NEAS.94d60c5c8cccc4927ecc690503220bb0.exe

  • Size

    1.1MB

  • Sample

    231118-czrlzaae5z

  • MD5

    94d60c5c8cccc4927ecc690503220bb0

  • SHA1

    669e509adec684b61a6c76d17d9b232a09884179

  • SHA256

    2126846f6d6b34c2de47a2b4e735d2c24377a781ffaa96704e0de6208e7b064a

  • SHA512

    e19cffb9b08dc3fda8f0aff379a496631bd7bdc509ff500869a5bb35259c3694d293d4b6321fa85d6b0f5a8c44d348e8bbc19ac2f4c51064a7306327f889cb80

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQGCZLFdGfuv2rwj/Ob:ROdWCCi7/raZ5aIwC+Agr6S/F3vub

Targets

    • Target

      NEAS.94d60c5c8cccc4927ecc690503220bb0.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
