General
-
Target
e04596c0eb0f28ed723ea5cf4904ad02c72c838faed8598950dc3a2a64e1199d
-
Size
98KB
-
Sample
221011-aj4kgsfcc3
-
MD5
69d54372fcc07046e757d854e21afd7c
-
SHA1
0406558cd0df9e8c9fc373164a015b8f7d0e10d2
-
SHA256
e04596c0eb0f28ed723ea5cf4904ad02c72c838faed8598950dc3a2a64e1199d
-
SHA512
c6fa19f202b42d1d0aae30e23fe53a4919b1c2ba5e2f9576073db7f1dc42acebdde474aaaf0cb527b754197a0d0fc1404c8f16ed6779d76efca13ebd0959b2c2
-
SSDEEP
1536:JxqjQ+P04wsmJCc90+ve29XZXcRdmw9/0ntyFm/k0pARCZeI/am1qjdbubJl:sr85CZ+ve4s7xJDFWk4AMSm1qJaJl
Behavioral task
behavioral1
Sample
e04596c0eb0f28ed723ea5cf4904ad02c72c838faed8598950dc3a2a64e1199d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e04596c0eb0f28ed723ea5cf4904ad02c72c838faed8598950dc3a2a64e1199d.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
e04596c0eb0f28ed723ea5cf4904ad02c72c838faed8598950dc3a2a64e1199d
-
Score
10/10
-
Modifies system executable filetype association
-
Neshta
Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-