General

  • Target

    78af07571e7202ebf73b1cad62f4d6174ae385843d91ec44bd6be90200bd1ba8

  • Size

    1.0MB

  • Sample

    221030-dd4vvaheh6

  • MD5

    52a60fc79a153010755255ea40f6aa10

  • SHA1

    d54deb9a01ca4539b2e27c6385c4a020e7ee54a8

  • SHA256

    78af07571e7202ebf73b1cad62f4d6174ae385843d91ec44bd6be90200bd1ba8

  • SHA512

    c1f4eb8822e424cf0f6bfce9a96da7ae0ab33677321f567ff726124f6fb4b4a2bf1d404cf33860a2f0ffac447c67cc214d731499a5b6d310b362f9584845a242

  • SSDEEP

    24576:0iMXBZboRP6HTaC698o8zvaqrXEqT8guYU:0iYKP6HTB5o8zvaqrXNT83

Targets

    • Modifies system executable filetype association

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
