General

  • Target

    NezurLoader.exe

  • Size

    71KB

  • Sample

    240107-ds7v2sefh4

  • MD5

    858aec1e5d6c068cbc99167b5f9b7c6f

  • SHA1

    392d9d7218285cfe2d96c01503a60aea0c6535d1

  • SHA256

    cf269203bdad4b5675cc947003542e4f4ec6257223ab86cc7c8abdfc7d89b13f

  • SHA512

    6b052aa4ede7596217e96f57434609b8c069b0c8e7c0da3e7535f3e68ebddd2e4b5225911a18ae64fd23e6e869c9579940f3bade5a9c57a6c089a2923b0b0ec7

  • SSDEEP

    384:ix1BWsK2AVb+Uv3B0lWhESfzKn+nQJS2S68tQzWJq5XXSjwc:iod2SO5XS0c

Score
7/10

Targets

    • Target

      NezurLoader.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2
