Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    0266d9b7543e8524a95b81bf915f96beb672c494feeb988a9d82f2ccaca1a325

  • Size

    107KB

  • Sample

    240502-wsla6ade2t

  • MD5

    968a382a2d6352eed5bc29567556ec0e

  • SHA1

    853c9bfaf4b849b0654eb664f740a5ae5b7a822d

  • SHA256

    0266d9b7543e8524a95b81bf915f96beb672c494feeb988a9d82f2ccaca1a325

  • SHA512

    2a84f6a3cf7f88bf9f4ae46d8bfddacf8693c7f971d3b76b250da53f674d86a7760c31bb8314df09afdf6685bfb4c9a37bcb5560437df0d749a51c0e44996f2d

  • SSDEEP

    1536:yxqjQ+P04wsZLnDrCsRU+HPf5rUGWc8Fm3AOturnZDCAP4MMBUf5sWWhWXyHs:zr8WDrCsRUkqc8Fm3AAud3PL6WWs

Malware Config

Targets

    • Target

      0266d9b7543e8524a95b81bf915f96beb672c494feeb988a9d82f2ccaca1a325

    • Size

      107KB

    • MD5

      968a382a2d6352eed5bc29567556ec0e

    • SHA1

      853c9bfaf4b849b0654eb664f740a5ae5b7a822d

    • SHA256

      0266d9b7543e8524a95b81bf915f96beb672c494feeb988a9d82f2ccaca1a325

    • SHA512

      2a84f6a3cf7f88bf9f4ae46d8bfddacf8693c7f971d3b76b250da53f674d86a7760c31bb8314df09afdf6685bfb4c9a37bcb5560437df0d749a51c0e44996f2d

    • SSDEEP

      1536:yxqjQ+P04wsZLnDrCsRU+HPf5rUGWc8Fm3AOturnZDCAP4MMBUf5sWWhWXyHs:zr8WDrCsRUkqc8Fm3AAud3PL6WWs

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks