General
Target: dcfa407d3bdc09aadf1641835ad17947cc73b80d06373bc929fe3d3d759dabb6.exe
Size: 1.8MB
Sample: 240405-xv1z3acc28
MD5: eb05e6c9605f07bd1273cae32a63e651
SHA1: e4501f6e52f156bb7abdfde445ea8150f6b5b70c
SHA256: dcfa407d3bdc09aadf1641835ad17947cc73b80d06373bc929fe3d3d759dabb6
SHA512: 60d052646156421b0eb668a7bd45bc16c9e7c87ef9561223c3119f259773a2c0bc408ee3824578daa998c081421192b85e92f4508d765d675a897f455cfe31a3
SSDEEP: 6144:k9WN/ycwcZIp5rW65DyH5pIWgIWkAOUs70ha2xcU2mZK6K8p:vIcKp5P+t+s7R2xcU2EK6Kg
Behavioral task: behavioral1
Sample: dcfa407d3bdc09aadf1641835ad17947cc73b80d06373bc929fe3d3d759dabb6.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: dcfa407d3bdc09aadf1641835ad17947cc73b80d06373bc929fe3d3d759dabb6.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Score 10/10

Detect Neshta payload

Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association