Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NezurLoader.exe
-
Size
71KB
-
Sample
240107-ds7v2sefh4
-
MD5
858aec1e5d6c068cbc99167b5f9b7c6f
-
SHA1
392d9d7218285cfe2d96c01503a60aea0c6535d1
-
SHA256
cf269203bdad4b5675cc947003542e4f4ec6257223ab86cc7c8abdfc7d89b13f
-
SHA512
6b052aa4ede7596217e96f57434609b8c069b0c8e7c0da3e7535f3e68ebddd2e4b5225911a18ae64fd23e6e869c9579940f3bade5a9c57a6c089a2923b0b0ec7
-
SSDEEP
384:ix1BWsK2AVb+Uv3B0lWhESfzKn+nQJS2S68tQzWJq5XXSjwc:iod2SO5XS0c
Static task
static1
Behavioral task
behavioral1
Sample
NezurLoader.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
NezurLoader.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
NezurLoader.exe
-
Size
71KB
-
MD5
858aec1e5d6c068cbc99167b5f9b7c6f
-
SHA1
392d9d7218285cfe2d96c01503a60aea0c6535d1
-
SHA256
cf269203bdad4b5675cc947003542e4f4ec6257223ab86cc7c8abdfc7d89b13f
-
SHA512
6b052aa4ede7596217e96f57434609b8c069b0c8e7c0da3e7535f3e68ebddd2e4b5225911a18ae64fd23e6e869c9579940f3bade5a9c57a6c089a2923b0b0ec7
-
SSDEEP
384:ix1BWsK2AVb+Uv3B0lWhESfzKn+nQJS2S68tQzWJq5XXSjwc:iod2SO5XS0c
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-