General

  • Target

    file.exe

  • Size

    2.6MB

  • Sample

    240312-v7prfsha82

  • MD5

    2694402a15bf74cb83e092b8423092a2

  • SHA1

    34da23de12e08166c024d81e8f633ff89f6a3405

  • SHA256

    0dc0c7008345a2e24a5db520b0b3c8ea64feadeb7306bab846b91000a0fa650b

  • SHA512

    d10293c89a132df344917d9b38a6107a7b6b731ee2da9b444704124ff0a824e9cf544bcdc9b4bad6f464650ac7860a7c9a7bc4d48fe94f061587552d2f5859a6

  • SSDEEP

    49152:i53QoQ/1HPZVpvkUFokbF1OSyYWcWvv5vYaf1409GkMVz:iw/pZVpJF9p1OSyncUvpYCA9

Targets

    • Neshta

      Malware from the Neshta family infects other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext
