Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
98bbdacb195539f162c7566811412d60N.exe
-
Size
6.6MB
-
Sample
240802-nj5dns1arf
-
MD5
98bbdacb195539f162c7566811412d60
-
SHA1
e26ae4c95ad882d852168131e1e57fba05b62fe0
-
SHA256
35e345c8b2fafb181c1b873d27604bef40a4b13a4cd5745e57b0807ed060b18c
-
SHA512
dcb8617d89f895ef16972c5a6732b96f2174c3f0946297f135a34c48cc05221451cbbc97232af7ac17b7e7620eea2f9de5865a054b91c18aeb38ff267bd08ae3
-
SSDEEP
98304:oCD6vy8Msw5+Wp5a/VTvhCkH+jiDUwDjezCEgnM:7D6vy9s05ahHH+eD5qeEQM
Behavioral task
behavioral1
Sample
98bbdacb195539f162c7566811412d60N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
98bbdacb195539f162c7566811412d60N.exe
Resource
win10v2004-20240730-en
Malware Config
Targets
-
-
Target
98bbdacb195539f162c7566811412d60N.exe
-
Size
6.6MB
-
MD5
98bbdacb195539f162c7566811412d60
-
SHA1
e26ae4c95ad882d852168131e1e57fba05b62fe0
-
SHA256
35e345c8b2fafb181c1b873d27604bef40a4b13a4cd5745e57b0807ed060b18c
-
SHA512
dcb8617d89f895ef16972c5a6732b96f2174c3f0946297f135a34c48cc05221451cbbc97232af7ac17b7e7620eea2f9de5865a054b91c18aeb38ff267bd08ae3
-
SSDEEP
98304:oCD6vy8Msw5+Wp5a/VTvhCkH+jiDUwDjezCEgnM:7D6vy9s05ahHH+eD5qeEQM
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-