Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Neo/Lumina...-2.bin

windows7-x64

3

Neo/Lumina...-2.bin

windows10-2004-x64

3

Neo/Lumina...up.exe

windows7-x64

7

Neo/Lumina...up.exe

windows10-2004-x64

7

Neo/Reg.reg

windows7-x64

1

Neo/Reg.reg

windows10-2004-x64

1

Neo/rapidg...et.url

windows7-x64

6

Neo/rapidg...et.url

windows10-2004-x64

3

Analysis

  • max time kernel
    161s
  • max time network
    205s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2024, 10:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Neo/LuminarNeoSetup-2.bin

  • Size

    664.7MB

  • MD5

    2228749f99e227228cba73c286da66cb

  • SHA1

    32d9546d5f0d319999ff438b05543331f1523dd9

  • SHA256

    f42b757466fcdecfe579d77ecad12992190dda3a0beea04b975afbd5423176c1

  • SHA512

    7047123d41c86ba284e04e11f1ee97268f338a96dc3e593525c69dcedb0139c7c0fd63c1a4920dec5b92461125be53beba465484da58e442d500c860d448fb84

  • SSDEEP

    12582912:c/kDG6r1eqQCzzfbzWvgoRmJqW2yh2bpnUGFXcFF1EZBBSfid96wrQViS:4T6ZpzzDz1oR2IdNtXGEcifO

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 19 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Neo\LuminarNeoSetup-2.bin
    1⤵
    • Modifies registry class
    PID:3436
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2916

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads