General

  • Target

    9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4

  • Size

    344KB

  • Sample

    240313-1flhlsbg73

  • MD5

    2730ab4cf366b53d78a9d172c9b9ef5c

  • SHA1

    554ed8f8cfaf51db2a6fd6dc35dc3e5060bb5ac4

  • SHA256

    9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4

  • SHA512

    c359e054aaa52047cb81207788d72b2d93be22252f01aad260823cdb1c479021c6cf5b1a6ac6d4931286bc69166d1e88b23d51d4de93309836f73af6280d3f1b

  • SSDEEP

    6144:/9Gpcq+HpFeHPgsHsSYafq8g2OLWFTlAOBh:opcqapMvgzS/JuuAQ

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar information.
