General
Target: tmp
Size: 1.3MB
Sample: 240304-qpm3pabc5y
MD5: 77b0a4cc8efa2b582c0fd137858e9ef5
SHA1: 6a7ab92f3859819d06d3decdfdf4f2d6cbf5a433
SHA256: 2b1e90bc6f9776e3f4d0f8883a9f3f6a1654827883dc67dd0c3a5581b27d38ba
SHA512: ab4e2c1b5ae5fa7d1bd133c1d70fe61f43174ecd89f0594d143d0f3ae23d5c39f5e8c12562dc5e1a9ce7bb0c773d792e52b952fd58f62ece336aa18847722eec
SSDEEP: 24576:EtnO5wUAGYcb5PL1brHUCMdr6Z64AfAQn652WO3pAh:GG1Yevbr0ldr6ZEnckAh
Behavioral task: behavioral1
Sample: tmp.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: tmp.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score: 10/10
Detect Neshta payload
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association