General

  • Target

    6a81c46a52523e78bfd1615e1c723f30N.exe

  • Size

    146KB

  • Sample

    240821-qr9dpsthpn

  • MD5

    6a81c46a52523e78bfd1615e1c723f30

  • SHA1

    b1276556f6873ba29e02206d3dfe3257fea852fe

  • SHA256

    7857216819f2655574dfbef7833b68b70dd2ff60fe4d1326d374590e9395e50a

  • SHA512

    d7df7857f46935bfd0549bada703147ca518e9538b8e89b019365fca72edbc232acbd2e43a1ca7914a03df9b2978a0875cf816c0c9e7d6b15af42c0945aa4d6f

  • SSDEEP

    3072:zr8WDrCykbAYn2GgYlBYN2fHYTo+krt8wDSRUTT:PuTbAMpgY3gTC8DRUTT

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
