General

  • Target

    Neptune-main.zip

  • Size

    3KB

  • Sample

    240220-ja4nkadh93

  • MD5

    a748ab36470d217e4b670569e11cc133

  • SHA1

    7d892521f607668b77a07600bd0566111abe6881

  • SHA256

    d10cf685acdb897e304693c2d7e7f78805a134b206d292eac4ed63ed80393077

  • SHA512

    69d3155e2d986e6b3cd85af60c1acc6064886b5d52895b891327cc13d8a515db23bfec363dd6dae402d09a1df3e1069a5e9a2537e4fa9186f0dd94b0ccd1905a

Targets

    • Target

      Neptune-main.zip

    • Size

      3KB

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      Neptune-main/README.md

    • Size

      4KB

    • MD5

      28c502cb77e210ebfda27bff8a62df72

    • SHA1

      338392f7e6e702a8153f42cf5785cc878dfa722f

    • SHA256

      265545eda04870fe53f302832cc22e4c778807e8ba1db7e695adde8e48e4e288

    • SHA512

      db260bfea37797cf9286d4cf1c403556f1836fc7b001ac0b5d0fd2fb9685a52d25a8663809675b583706f1806a4fedeb14bd41690153ad33d11ca3e8a63f6ad1

    • SSDEEP

      96:2IcK6tgsUNNPw+ocZet+m8W7OuwCgFEXv234CmEinY:2husypw+ocZet+mN7Ouwjavej0Y

    • Score

      3/10

    • Target

      Neptune-main/config/nothing to see here

    • Size

      1B

    • MD5

      68b329da9893e34099c7d8ad5cb9c940

    • SHA1

      adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

    • SHA256

      01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

    • SHA512

      be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

    • Score

      1/10

    • Target

      Neptune-main/neptune.py

    • Size

      41B

    • MD5

      5d2e6ded09185d75b82f0914d5a5ddd4

    • SHA1

      4ab3cd2d43c16b98b056a22a9cc0f5c070c6bf45

    • SHA256

      7d869545d02a9b112199d9f14b8dbdad65bb2e315f8e0f4cb4b8f68084cc2fc0

    • SHA512

      583293d9469394d410d9a46db43c5328f340c07400e85dcfd3c8de03434789cb4c8e755b52b2e6e95f2eaee9083be6d7f06175cac831e6f1128a127ec279b8ef

    • Score

      3/10

    • Target

      Neptune-main/requirements.txt

    • Size

      42B

    • MD5

      1843c330acc603d67095d2665a4a11fc

    • SHA1

      0af2dadb623763a8abfa7033f3bee8f4516cd7cc

    • SHA256

      d5a04959d6af01ff0bf041bb14573e21c602347caea565553bf24aa5791461b9

    • SHA512

      e4488a68d1569084f169df59e172e9453d4a8c7d739e753fd62fee9b523267dd080a1666b2177fbf4efb9e638d91c41c302641b6213071e8bb21f770550e2a1f

    • Score

      1/10

    • Target

      Neptune-main/setup.bat

    • Size

      42B

    • MD5

      1843c330acc603d67095d2665a4a11fc

    • SHA1

      0af2dadb623763a8abfa7033f3bee8f4516cd7cc

    • SHA256

      d5a04959d6af01ff0bf041bb14573e21c602347caea565553bf24aa5791461b9

    • SHA512

      e4488a68d1569084f169df59e172e9453d4a8c7d739e753fd62fee9b523267dd080a1666b2177fbf4efb9e638d91c41c302641b6213071e8bb21f770550e2a1f

    • Score

      1/10

    • Target

      Neptune-main/tutorial.txt

    • Size

      627B

    • MD5

      cb567d3fbbd25cca2b68b44d6ee4920e

    • SHA1

      f7b447da119a52fa76ad8056b5de4c7ee5fddb71

    • SHA256

      625017ae2e27a9cb3cba7b0a1ee2c48fcac62ae25d7eff4ae0135468fddd3f2f

    • SHA512

      0241fe48d22ef8ca12c34977b41f52ab9adc5c5b517f172b97e004bafa124b61e788f86ffe914dae8aaa77e74af0d4075bde3fc4ad83b558bfc994600fec6cb0

    • Score

      1/10
