c5d80fe3bdc9959f66fea317e7307f8e37dfc8b6aafa04ccb49a65566122f4fc | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

3

16724739d1...AS.exe

windows7-x64

9

16724739d1...AS.exe

windows10-2004-x64

9

Sharing

General

Target

16724739d14958619ff40aeffe05c190_NEAS
Size

201KB
Sample

240507-kvxlescb59
MD5

16724739d14958619ff40aeffe05c190
SHA1

8df8c3db8a03040a5cfc89991f52d5e45c7b99c3
SHA256

c5d80fe3bdc9959f66fea317e7307f8e37dfc8b6aafa04ccb49a65566122f4fc
SHA512

c65e653455fe259d64c11f9efe40fb008b96a07e09361dfc37d2a5d2aa447d84a6595672210ce27630e2747c23b68cc3e63a10a840ad482e35280da6d39e11f1
SSDEEP

3072:6rWpcOPxPke+e3fFpsJOfFpsJbgErrWpcOPxPke+e3fFpsJOfFpsJbgEb:tFPxPke+eIuFPxPke+eIb

Score

9^/10

ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

16724739d14958619ff40aeffe05c190_NEAS.exe

Resource

win7-20240221-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

16724739d14958619ff40aeffe05c190_NEAS.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  16724739d14958619ff40aeffe05c190_NEAS
- Size
  
  201KB
- MD5
  
  16724739d14958619ff40aeffe05c190
- SHA1
  
  8df8c3db8a03040a5cfc89991f52d5e45c7b99c3
- SHA256
  
  c5d80fe3bdc9959f66fea317e7307f8e37dfc8b6aafa04ccb49a65566122f4fc
- SHA512
  
  c65e653455fe259d64c11f9efe40fb008b96a07e09361dfc37d2a5d2aa447d84a6595672210ce27630e2747c23b68cc3e63a10a840ad482e35280da6d39e11f1
- SSDEEP
  
  3072:6rWpcOPxPke+e3fFpsJOfFpsJbgErrWpcOPxPke+e3fFpsJOfFpsJbgEb:tFPxPke+eIuFPxPke+eIb
Score

9^/10

ransomware
- Renames multiple (3619) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
  ransomware
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy