General

  • Target

    bc8e607dcbe7b50fa226746bb128f4b4

  • Size

    679KB

  • Sample

    240309-xmvhbaff28

  • MD5

    bc8e607dcbe7b50fa226746bb128f4b4

  • SHA1

    d94e5ff31a8c22f1c5cb455823c253d24c224bcb

  • SHA256

    21dfbeca99921ce2ae9f1bbfe044920f2c8bce2c61c2efa77b20edc5338b7a07

  • SHA512

    1c2f959875214a4ee5e637f5812f2d26d2d1d9286fa98f3ab2b27b1208f5762c4e61139913552df52de20ca70d5779fecef4116e3bf5a3431c780a74b1703e6f

  • SSDEEP

    12288:G+a+1ERLTwf8h2tHTC7TcrjptfNL/1/vFWn7AUVs9jSFq:/r1ER3wEhkHTrrVt1dFc7quFq

Targets

    • Target

      bc8e607dcbe7b50fa226746bb128f4b4

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Suspicious use of SetThreadContext
