Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb
-
Size
3.0MB
-
Sample
240314-1v1abage3s
-
MD5
056c3b73ea0edf02f734d445ed945e55
-
SHA1
b25b0c776707501b2ec9097a147f1a9d23146de1
-
SHA256
9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb
-
SHA512
d01e4660843136a71358a7d2dc86878f528ded1964ca5eaa7bb217faf0e7af4c07c0797987ea3b25b19947f12d659fca939bf8d891107f3fd8a61adc9ec11945
-
SSDEEP
49152:CHyjtk2MYC5GDvdAxk6N7MgR05ZHVFveSo6ghCn9:Cmtk2aOdAxzN7Mu05ZHfeSfn9
Static task
static1
Behavioral task
behavioral1
Sample
9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb
-
Size
3.0MB
-
MD5
056c3b73ea0edf02f734d445ed945e55
-
SHA1
b25b0c776707501b2ec9097a147f1a9d23146de1
-
SHA256
9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb
-
SHA512
d01e4660843136a71358a7d2dc86878f528ded1964ca5eaa7bb217faf0e7af4c07c0797987ea3b25b19947f12d659fca939bf8d891107f3fd8a61adc9ec11945
-
SSDEEP
49152:CHyjtk2MYC5GDvdAxk6N7MgR05ZHVFveSo6ghCn9:Cmtk2aOdAxzN7Mu05ZHfeSfn9
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1