Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

fe9462599a...d7.exe

windows7_x64

10

fe9462599a...d7.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fe9462599a08f62eb6d8035dd453fad7

  • Size

    579KB

  • Sample

    211223-pyg3csafal

  • MD5

    fe9462599a08f62eb6d8035dd453fad7

  • SHA1

    6fdf760e3768ab2797ccd271f59a48abb8b7a6bd

  • SHA256

    0531cae688e34d09b9a7da4e5f50cedaf854d47e7d15eae958cd569a1ecf0b55

  • SHA512

    6de9d4fa81af0bd904bc1b88339a62a4e2f46dd7575771f68e42dd77389cf96907f6af1dbbe1bf2e4e5a1e7d4cbeb4dc7cf5af23b9bde187759c405f1127ea5c

Score
10/10
darkvncneshtapersistenceratspywarestealer

Malware Config

Targets

    • Target

      fe9462599a08f62eb6d8035dd453fad7

    • Size

      579KB

    • MD5

      fe9462599a08f62eb6d8035dd453fad7

    • SHA1

      6fdf760e3768ab2797ccd271f59a48abb8b7a6bd

    • SHA256

      0531cae688e34d09b9a7da4e5f50cedaf854d47e7d15eae958cd569a1ecf0b55

    • SHA512

      6de9d4fa81af0bd904bc1b88339a62a4e2f46dd7575771f68e42dd77389cf96907f6af1dbbe1bf2e4e5a1e7d4cbeb4dc7cf5af23b9bde187759c405f1127ea5c

    Score
    10/10
    darkvncneshtapersistenceratspywarestealer

    • DarkVNC

      DarkVNC is a malicious version of the famous VNC software.

      ratdarkvnc

    • Modifies system executable filetype association

      persistence

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

      persistencespywareneshta

    • DarkVNC Payload

      rat

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.