Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
07/05/2024, 11:51
General
-
Target
64252efce31c7e0bf4afed046bdfb900_NEAS.exe
-
Size
428KB
-
MD5
64252efce31c7e0bf4afed046bdfb900
-
SHA1
d5b2177a81cf3be8f51db07f52357bf3847f4fe2
-
SHA256
fede00e9cde5244ce77e7e21badf50eabb11224807868b24aa2bfa11adc90c3c
-
SHA512
5e913ff6c1357d1ee48c0fbe95b5dd3d56aaf05667a13bb2e65a1d8049f0e3cd9730df6de62882f311678eb7bb1585c6fe3154a8801ab14fc4f27eeb7f17367f
-
SSDEEP
12288:Z594+AcL4tBekiuKzErR7jS/nKNkF5Im8MXpul:BL4tBekiuVrR7gKuF5TXpu
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\64252efce31c7e0bf4afed046bdfb900_NEAS.exe"C:\Users\Admin\AppData\Local\Temp\64252efce31c7e0bf4afed046bdfb900_NEAS.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\114F.tmp"C:\Users\Admin\AppData\Local\Temp\114F.tmp" --helpC:\Users\Admin\AppData\Local\Temp\64252efce31c7e0bf4afed046bdfb900_NEAS.exe DFF3BAD11FD1D9E0871D6BEE12F4A591032E469054F1052E9B1B41C5AA852AF2FC702D6F8B2CABE19342655CC038CA238A0F5B2EFABE0CA88C2BE82682445DBF2⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
428KB
MD5a489f50c1d6bf639cf5975c6a639cc25
SHA19274caa2f013d13dd01c9ae592bd348be6bbff5b
SHA25686bc522b436d53484110435728f2dc3a7ca8f0edf0af021f24a5b90295c14ee9
SHA512d03c0c0735cb5901227777c4399b7a647d5c486d5a26e70d6f6c1efc4262de9b54864a0088194cb2d811b41ff71c54ff1ecb7483bd740e8fda3f32087d6990cf