General
-
Target
e9ba8163308c746aa5ae1c9f89005238733f47707a91315b54a40e3ef74d47ec
-
Size
352KB
-
Sample
221003-yf4cbadae2
-
MD5
6aeae49808cfb5549f187cf28883cb20
-
SHA1
cc0452cdcb791c96f18f0ae1e6c64833ecff61e9
-
SHA256
e9ba8163308c746aa5ae1c9f89005238733f47707a91315b54a40e3ef74d47ec
-
SHA512
0e6a4959dccc57649180079f4a400caf8881c9b852a91e37be6de38eec03e1f356ca955d6b8b4f1f0e0ad4b632fb3da5bf13e08de8ca34922006edbbf4d124c6
-
SSDEEP
6144:k9CcMDcknswQM3XM3llUlA+QCD8PB3SAUXh6BLREoSdLfsztUB:xceXsw9X6ll4A+fD8xSheNEoSdLaUB
Behavioral task
behavioral1
Sample
e9ba8163308c746aa5ae1c9f89005238733f47707a91315b54a40e3ef74d47ec.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-