General

  • Target

    7996817746b878c92c5fc407a2d25b55

  • Size

    1.3MB

  • Sample

    240127-hxga4shafj

  • MD5

    7996817746b878c92c5fc407a2d25b55

  • SHA1

    b1a2215278e263048f60d8663a1d8a3adea8e1a0

  • SHA256

    2c2f87ce2d5f3f2e55272aa72b32fbdd30ef6886903266ae645ea9b1e08ab5f1

  • SHA512

    f45f0a53aaf27e88ae9e36b5286bb64ddfdcd8724d202c99a26766afb90fc20fff012116ce2d9437d5371f87f8eb903d5b6ab7518103a07e85c9db6316d3813f

  • SSDEEP

    24576:Bv35bLaP4xtPmUGjgdhkhsuxo5KYviBvtFiCGlt/C9Rt4nyDazxbZYTawquegN:x5phmUkgoXxoSBvWCGl8tEyDaZZYehgN

Targets

    • Target

      7996817746b878c92c5fc407a2d25b55

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.
