General

  • Target

    e04596c0eb0f28ed723ea5cf4904ad02c72c838faed8598950dc3a2a64e1199d

  • Size

    98KB

  • Sample

    221011-aj4kgsfcc3

  • MD5

    69d54372fcc07046e757d854e21afd7c

  • SHA1

    0406558cd0df9e8c9fc373164a015b8f7d0e10d2

  • SHA256

    e04596c0eb0f28ed723ea5cf4904ad02c72c838faed8598950dc3a2a64e1199d

  • SHA512

    c6fa19f202b42d1d0aae30e23fe53a4919b1c2ba5e2f9576073db7f1dc42acebdde474aaaf0cb527b754197a0d0fc1404c8f16ed6779d76efca13ebd0959b2c2

  • SSDEEP

    1536:JxqjQ+P04wsmJCc90+ve29XZXcRdmw9/0ntyFm/k0pARCZeI/am1qjdbubJl:sr85CZ+ve4s7xJDFWk4AMSm1qJaJl

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
