General
-
Target
bc8e607dcbe7b50fa226746bb128f4b4
-
Size
679KB
-
Sample
240309-xmvhbaff28
-
MD5
bc8e607dcbe7b50fa226746bb128f4b4
-
SHA1
d94e5ff31a8c22f1c5cb455823c253d24c224bcb
-
SHA256
21dfbeca99921ce2ae9f1bbfe044920f2c8bce2c61c2efa77b20edc5338b7a07
-
SHA512
1c2f959875214a4ee5e637f5812f2d26d2d1d9286fa98f3ab2b27b1208f5762c4e61139913552df52de20ca70d5779fecef4116e3bf5a3431c780a74b1703e6f
-
SSDEEP
12288:G+a+1ERLTwf8h2tHTC7TcrjptfNL/1/vFWn7AUVs9jSFq:/r1ER3wEhkHTrrVt1dFc7quFq
Static task
static1
Behavioral task
behavioral1
Sample
bc8e607dcbe7b50fa226746bb128f4b4.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bc8e607dcbe7b50fa226746bb128f4b4.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
bc8e607dcbe7b50fa226746bb128f4b4
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies system executable filetype association
-
Suspicious use of SetThreadContext
-