General

  • Target

    1d7c4fb010b5a713b42be2aee66b7c9f9b6ea11229d1b8bf9a450dcd1dfaf97a

  • Size

    92KB

  • Sample

    221011-pmp9ladhc7

  • MD5

    001276b946d88021eb9414eb9c71b8f6

  • SHA1

    10f0a9191541d9ce0dcff1c3ab7f67edd0c04dbb

  • SHA256

    1d7c4fb010b5a713b42be2aee66b7c9f9b6ea11229d1b8bf9a450dcd1dfaf97a

  • SHA512

    65052641d559474b5b48601e515b9bc1c16c7abfa54d690547a49340aa1007700e86433f1b17ef16932952bf7cb32d0bc3f1d0bd68e8235dfd951eaa2d23152f

  • SSDEEP

    1536:yxqjQ+P04wsZLnDrC4P5heBti/kYNSPcMPRYt:zr8WDrC4P5heB2+RYt

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.
