General

  • Target

    26ebf1f71b4b34006787cbb7a23a3fd0_NEAS

  • Size

    326KB

  • Sample

    240507-lhxlbsae6y

  • MD5

    26ebf1f71b4b34006787cbb7a23a3fd0

  • SHA1

    46ab6592d0e32761e7cce12b94a64eef2f8151fb

  • SHA256

    bdec4ac79297f59965a2495ce18f468d72cebb1cb2dd63260239d28a6492d7ac

  • SHA512

    f53487443e5c09a95430e6600372f52d2b2448973e628cf07ee9c57ba3ee2703d934e8f7a4239151c1dca6e6321b736ea1a0ce353d42cfd6a10c87ce25955930

  • SSDEEP

    6144:oGHGRpO9p1om9+xs3NBBpIaKFpWCouQl8AZMnzv2/j8Kl//i4/czUZEaMX1cCFhD:oGHasii9BTukCgZMnT2/jvl//HcZa41f

Targets

    • Target

      26ebf1f71b4b34006787cbb7a23a3fd0_NEAS

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
