General
-
Target
04e6ed1c1693ada763892a5174843a40N
-
Size
1.2MB
-
Sample
240825-z94evaxeml
-
MD5
04e6ed1c1693ada763892a5174843a40
-
SHA1
19db357d693d52f0aaf54f88ef36bf8e78e0d3bd
-
SHA256
b03edbe5896abb2708213d19fe460a38493f7e8cb0eafb55d2ea33c0d176d3ce
-
SHA512
fabb826e12efaa159248df5e38c20b4f32b7371758e18fcaa7bb38c5afe7dff91932c5dd0819183f5aa9374d37eec206905ea0440f8feacaac0f07c3098e8861
-
SSDEEP
12288:f46X/r3k5JVYe1qIE/s8/YYQZim2UoNoYqhfVf78aLWchH:f46X/I3Vt1qjYpZ9oNgj5bhH
Behavioral task
behavioral1
Sample
04e6ed1c1693ada763892a5174843a40N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
04e6ed1c1693ada763892a5174843a40N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
04e6ed1c1693ada763892a5174843a40N
-
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-