Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    f3dd0247b284a8caa1092fe38a01d8792cbb46911fab9b7dd6e56e10f3e7c392

  • Size

    1.6MB

  • Sample

    221002-yxvrhaadek

  • MD5

    6c040a3189d4bdf364a046b5b7b2a087

  • SHA1

    ebefcc8aa9e12cde34d590523e932a342b24cff1

  • SHA256

    f3dd0247b284a8caa1092fe38a01d8792cbb46911fab9b7dd6e56e10f3e7c392

  • SHA512

    f94c367f1d04182b8f656c55783723b8c8ed6459ce2d3696aada22befdd3d4ae0105f4aa5d1fdefbd9ece6147d53ecacd4b3e191c58bd8fa2be072330023fcd1

  • SSDEEP

    49152:g2y9WkzTwQlLQ34X4omdTIWiNVVdowqGKoPd:UjgFdTt2VY4V

Malware Config

Targets

    • Target

      f3dd0247b284a8caa1092fe38a01d8792cbb46911fab9b7dd6e56e10f3e7c392

    • Size

      1.6MB

    • MD5

      6c040a3189d4bdf364a046b5b7b2a087

    • SHA1

      ebefcc8aa9e12cde34d590523e932a342b24cff1

    • SHA256

      f3dd0247b284a8caa1092fe38a01d8792cbb46911fab9b7dd6e56e10f3e7c392

    • SHA512

      f94c367f1d04182b8f656c55783723b8c8ed6459ce2d3696aada22befdd3d4ae0105f4aa5d1fdefbd9ece6147d53ecacd4b3e191c58bd8fa2be072330023fcd1

    • SSDEEP

      49152:g2y9WkzTwQlLQ34X4omdTIWiNVVdowqGKoPd:UjgFdTt2VY4V

    • Modifies system executable filetype association

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks