Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4
-
Size
344KB
-
Sample
240313-1flhlsbg73
-
MD5
2730ab4cf366b53d78a9d172c9b9ef5c
-
SHA1
554ed8f8cfaf51db2a6fd6dc35dc3e5060bb5ac4
-
SHA256
9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4
-
SHA512
c359e054aaa52047cb81207788d72b2d93be22252f01aad260823cdb1c479021c6cf5b1a6ac6d4931286bc69166d1e88b23d51d4de93309836f73af6280d3f1b
-
SSDEEP
6144:/9Gpcq+HpFeHPgsHsSYafq8g2OLWFTlAOBh:opcqapMvgzS/JuuAQ
Behavioral task
behavioral1
Sample
9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4
-
Size
344KB
-
MD5
2730ab4cf366b53d78a9d172c9b9ef5c
-
SHA1
554ed8f8cfaf51db2a6fd6dc35dc3e5060bb5ac4
-
SHA256
9549b48cabb0f121341ed63aef89c4a09c37842de712d8711c16cc449bbe6df4
-
SHA512
c359e054aaa52047cb81207788d72b2d93be22252f01aad260823cdb1c479021c6cf5b1a6ac6d4931286bc69166d1e88b23d51d4de93309836f73af6280d3f1b
-
SSDEEP
6144:/9Gpcq+HpFeHPgsHsSYafq8g2OLWFTlAOBh:opcqapMvgzS/JuuAQ
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-