General

  • Target

    9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb

  • Size

    3.0MB

  • Sample

    240314-1v1abage3s

  • MD5

    056c3b73ea0edf02f734d445ed945e55

  • SHA1

    b25b0c776707501b2ec9097a147f1a9d23146de1

  • SHA256

    9d7efad1823c88b8b5b0b07ae9028fc23d2639445a0d95b48d9360b0ab9e68cb

  • SHA512

    d01e4660843136a71358a7d2dc86878f528ded1964ca5eaa7bb217faf0e7af4c07c0797987ea3b25b19947f12d659fca939bf8d891107f3fd8a61adc9ec11945

  • SSDEEP

    49152:CHyjtk2MYC5GDvdAxk6N7MgR05ZHVFveSo6ghCn9:Cmtk2aOdAxzN7Mu05ZHfeSfn9

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
