Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

66a17a84e8...AS.exe

windows7-x64

10

66a17a84e8...AS.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    66a17a84e8bbf9847e39e6b04be8be10_NEAS

  • Size

    1.5MB

  • Sample

    240507-e31p6ahg2t

  • MD5

    66a17a84e8bbf9847e39e6b04be8be10

  • SHA1

    3d7706e18aab5ea484174081b6c5324a06c470bd

  • SHA256

    234e82525554a603819f7f0fb0bc22465f96dca361873a1f29ec073508c29e41

  • SHA512

    b6f04d61437c22dc625b8baab150d4981e5e62dc4c521bc512b9605a27dc6f39d270495d90e982a9aa8e712448232eef744147e114d436428a84af9af07a3888

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTd7fQn:Lz071uv4BPMkFfdk2auTxfq

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      66a17a84e8bbf9847e39e6b04be8be10_NEAS

    • Size

      1.5MB

    • MD5

      66a17a84e8bbf9847e39e6b04be8be10

    • SHA1

      3d7706e18aab5ea484174081b6c5324a06c470bd

    • SHA256

      234e82525554a603819f7f0fb0bc22465f96dca361873a1f29ec073508c29e41

    • SHA512

      b6f04d61437c22dc625b8baab150d4981e5e62dc4c521bc512b9605a27dc6f39d270495d90e982a9aa8e712448232eef744147e114d436428a84af9af07a3888

    • SSDEEP

      24576:zv3/fTLF671TilQFG4P5PMkFfkeMGvGr1t4oAirbNIjTd7fQn:Lz071uv4BPMkFfdk2auTxfq

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks