Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Nezur_Executor.zip

windows7-x64

1

Nezur_Executor.zip

windows10-2004-x64

1

Nezur_Inte...s.json

windows7-x64

3

Nezur_Inte...s.json

windows10-2004-x64

3

Nezur_Inte...rprint

windows7-x64

3

Nezur_Inte...rprint

windows10-2004-x64

3

Nezur_Inte...t.json

windows7-x64

3

Nezur_Inte...t.json

windows10-2004-x64

3

Nezur_Inte...s.json

windows7-x64

3

Nezur_Inte...s.json

windows10-2004-x64

3

Nezur_Inte...crumbs

windows7-x64

1

Nezur_Inte...crumbs

windows10-2004-x64

1

Nezur_Inte...7C.pma

windows7-x64

3

Nezur_Inte...7C.pma

windows10-2004-x64

3

Nezur_Inte...1C.pma

windows7-x64

3

Nezur_Inte...1C.pma

windows10-2004-x64

3

Nezur_Inte...rl-set

windows7-x64

1

Nezur_Inte...rl-set

windows10-2004-x64

1

Nezur_Inte...rprint

windows7-x64

3

Nezur_Inte...rprint

windows10-2004-x64

3

Nezur_Inte...t.json

windows7-x64

3

Nezur_Inte...t.json

windows10-2004-x64

3

Nezur_Inte...gs.dat

windows7-x64

3

Nezur_Inte...gs.dat

windows10-2004-x64

3

Nezur_Inte...re.dat

windows7-x64

3

Nezur_Inte...re.dat

windows10-2004-x64

3

Nezur_Inte...ve.pma

windows7-x64

3

Nezur_Inte...ve.pma

windows10-2004-x64

3

Nezur_Inte...data_0

windows7-x64

1

Nezur_Inte...data_0

windows10-2004-x64

1

Nezur_Inte...data_1

windows7-x64

1

Nezur_Inte...data_1

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Nezur_Executor.zip

  • Size

    40.6MB

  • Sample

    240911-p4832a1hlf

  • MD5

    ca1a4380351b3ac3deb02121ca7fe834

  • SHA1

    623653b1db860244da87e5f1f9f57664e189742f

  • SHA256

    4c3d790cd1d2d9da3fd730a36749a2f243b81bcf07b7996da644b58cd0196f86

  • SHA512

    c99bf4a5e5c1adacab4e3998e6b39caa9c505ab0327b5aa679d9d2c367474041a875e8faa34f69cf09741cc54001016265696424d57e3666cff14c15c75ecc3b

  • SSDEEP

    786432:697Cn4V8iuXcfyrQ9JhotaS9rv+i+OjdRjtwFKIpeq83Wr/KJiLjRVJnGfMTi:6snuuIIAEdRvHji8qqiKoNnnGr

Score
3/10
discovery

Malware Config

Targets

    • Target

      Nezur_Executor.zip

    • Size

      40.6MB

    • MD5

      ca1a4380351b3ac3deb02121ca7fe834

    • SHA1

      623653b1db860244da87e5f1f9f57664e189742f

    • SHA256

      4c3d790cd1d2d9da3fd730a36749a2f243b81bcf07b7996da644b58cd0196f86

    • SHA512

      c99bf4a5e5c1adacab4e3998e6b39caa9c505ab0327b5aa679d9d2c367474041a875e8faa34f69cf09741cc54001016265696424d57e3666cff14c15c75ecc3b

    • SSDEEP

      786432:697Cn4V8iuXcfyrQ9JhotaS9rv+i+OjdRjtwFKIpeq83Wr/KJiLjRVJnGfMTi:6snuuIIAEdRvHji8qqiKoNnnGr

    Score
    1/10
    behavioral1behavioral2

    • Target

      Nezur_Interface.deps.json

    • Size

      2KB

    • MD5

      b8394a7fd229ac896063656faa549c14

    • SHA1

      310e668394d86b54c44652d353d36697a65b68e3

    • SHA256

      862e148edf85fef33459c7915ae34f98ccbe8fe3f2d276f2a8458c8ac2afbc15

    • SHA512

      7b0a913cd975cd232739c60534967abbeb1c32eafd38b2fd80894444505ff4999865517d629c3ae4e3161c2e2c5276d2f51646f32d7944c89ab3c1aed4177c14

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint

    • Size

      66B

    • MD5

      0c9218609241dbaa26eba66d5aaf08ab

    • SHA1

      31f1437c07241e5f075268212c11a566ceb514ec

    • SHA256

      52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b

    • SHA512

      5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json

    • Size

      134B

    • MD5

      58d3ca1189df439d0538a75912496bcf

    • SHA1

      99af5b6a006a6929cc08744d1b54e3623fec2f36

    • SHA256

      a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437

    • SHA512

      afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json

    • Size

      3KB

    • MD5

      6bbb18bb210b0af189f5d76a65f7ad80

    • SHA1

      87b804075e78af64293611a637504273fadfe718

    • SHA256

      01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c

    • SHA512

      4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/Breadcrumbs

    • Size

      5KB

    • MD5

      1f75233a82303ab70d5a1773f011bf58

    • SHA1

      9ae9ea42f2c6382083c350fdadd086d0b0881816

    • SHA256

      5aa38d51814608aa9ee8cce514f942da9ef8291dc2ae365d4fff4878dcd30721

    • SHA512

      925685167152a07e954018c00c60895fa55f1a92d3bfcd36d64a228c7106396020ca20cc30037d23770deb0561b571a07079e1f896c79ca5a70eb70e39201720

    • SSDEEP

      24:EVo9LhSTkqGDmVo9LhSTkqGAmVo9LhSTkqG0IVo9LhSTkqGQq8IVo9LhSTkqGzx:E+Iwm+Ibm+ItI+IlJI+Ii

    Score
    1/10
    behavioral11behavioral12

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9A3F-707C.pma

    • Size

      1.2MB

    • MD5

      9b37de479b5376ffc3722ffdeb49631f

    • SHA1

      95547905366d95a5ca92f31ad850a0ba3bded9fd

    • SHA256

      d1ad5c7a8c0802bb45de4cba6620bab00c6e780e48e45366ad4c46cfad284de9

    • SHA512

      9a0f171a5bd0437e1b5f03c216dba6a85b581a6781382c055eee402856cfd445bab68c932d1ebe841d6831adc575201a538e406d84441e3fa3e43a1c1d0e9ebe

    • SSDEEP

      6144:PjbN56EaH7M4ivD0/JpopuhNLfSm7YSJi:l56nbUS5Hb

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9B8F-861C.pma

    • Size

      1.2MB

    • MD5

      238daf174c6ed40b8eb3df1769305271

    • SHA1

      f3baeba758b5ed726a98191cfa9435e36b37928d

    • SHA256

      a2f2998803273a5177e7761d79534e37bbfef70af7ad5eaa7c4164da09c33f34

    • SHA512

      68ae927f4e372c19ae776155403e05266c560f7b31a83e595c12ba90aeec5491a6dfc133f1b50d1bfe3c62d13cd6884fffbd3ff9b030731a9cb68aec8c02e6c1

    • SSDEEP

      3072:pTWGxT/KbKTx3FphAg1HFZ8PF+ivHECHAP0eXaKToCQq:5BTp3F8aH7GNvHdsXzToCQq

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/crl-set

    • Size

      21KB

    • MD5

      d246e8dc614619ad838c649e09969503

    • SHA1

      70b7cf937136e17d8cf325b7212f58cba5975b53

    • SHA256

      9dd9fba7c78050b841643e8d12e58ba9cca9084c98039f1ebff13245655652e1

    • SHA512

      736933316ee05520e7839db46da466ef94e5624ba61b414452b818b47d18dcd80d3404b750269da04912dde8f23118f6dfc9752c7bdf1afc5e07016d9c055fdb

    • SSDEEP

      384:Vt71+czeWhU6yVS2Ddc0fp/9yYoIJgWUeJuDzeG0LOsr2h9ltQYX9hVPz/HG1pBu:j4sBwVPDdFhVyYoPWUiuXeG0K5dQYXFr

    Score
    1/10
    behavioral17behavioral18

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.fingerprint

    • Size

      66B

    • MD5

      33fc4bf1927352bc1845acdde3a6ba63

    • SHA1

      63ac2f004ac10198e729e9ccf55f6ac4f7f3c622

    • SHA256

      4ed04e713c9d8f5d80e83645b62f1be84ec0516d37f339b3d443d8f792dea113

    • SHA512

      7e38e264713750baf58dd9ad779885a7aae5a6fcb825eaa44b3cf814dd09cd0bf8f95b5ab5db600d19a64b02ec2155b4c9a3bc2a86e9b18eece8b3100e8c2ff1

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.json

    • Size

      113B

    • MD5

      b6911958067e8d96526537faed1bb9ef

    • SHA1

      a47b5be4fe5bc13948f891d8f92917e3a11ebb6e

    • SHA256

      341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648

    • SHA512

      62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062

    Score
    3/10
    discovery
    behavioral21behavioral22

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/Crashpad/settings.dat

    • Size

      280B

    • MD5

      4a926fa9dd210cf5a67b0db875312045

    • SHA1

      605705863f2d295c20ab03c1703982b177805b3b

    • SHA256

      2ec07e12fe2470b7f5fd0e6ad82161e0d49aaee76689c579b80c5bd9d7c6f18d

    • SHA512

      7947157aa20ebe86780e53334dd10a6a22e7cfa6d92a3a44058fdae7aa5ce688099432929cf4b2b509075022892f9ea1563276426cc86e399980dbc4614f960c

    Score
    3/10
    discovery
    behavioral23behavioral24

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/Crashpad/throttle_store.dat

    • Size

      20B

    • MD5

      9e4e94633b73f4a7680240a0ffd6cd2c

    • SHA1

      e68e02453ce22736169a56fdb59043d33668368f

    • SHA256

      41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304

    • SHA512

      193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/CrashpadMetrics-active.pma

    • Size

      16KB

    • MD5

      cbb7b43e319785607876914fb737a32b

    • SHA1

      e921e4b2602a9316d1104d7adc24e497b106c916

    • SHA256

      ad9334d3318afea2d3c9c4f42b94a040c8bf657d612825573fc2b2d1189d3090

    • SHA512

      655624930fcd93332cab1269c3c8afe9a69bd12ea7931627691c3a074de4f09a21168eb6c8350fec280739f0425267c8ffcf124ab93723a12fcbec46cdbaaa9c

    • SSDEEP

      12:bCsEXhVMMBKiSCemJKlkQyqXxVhYJ0I+pPK6BsyW1inP6:bCPROMMiS+MkgxYWIE1BtXP

    Score
    3/10
    discovery
    behavioral27behavioral28

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0

    • Size

      44KB

    • MD5

      e16b6e23f0e621ea5b329e0cf5c5a5d2

    • SHA1

      b5ce58d902c5d252c229c14a113e432a5d9e881d

    • SHA256

      f9be1856c0af0444407c905c99fb582ba435c1cffc2db6e57c0ff939b6a853a0

    • SHA512

      a0091bcd142c1cde4df1b016c36d4fa748a95a2bbf9ffcc119dcef069b39fdb6546b438f67853fce01cae8b95a53694cd43a7bd4db7abfcd0b953956a073d618

    • SSDEEP

      24:dnhE8CYMCmgw4ad0o/7k8WJ08x00xL1md+Xu+QQCmwgjeVORasm7L:bEVYMCmhr00p8xZx5mdyu9g5ksm7L

    Score
    1/10
    behavioral29behavioral30

    • Target

      Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1

    • Size

      264KB

    • MD5

      a93ec261f5741390a1cf51d936c3cbbe

    • SHA1

      85f142338ab9dc4970685a4b70a9efc4a0488448

    • SHA256

      2b085b59d34f328437380f1001036f89fa2a574ebd12edbbe98cc0c5d3eed188

    • SHA512

      d18ef986ad564e9dd11cb2349efbad4bb604d6299bb42e6842c91785e21ee9fe7faad8f70f81948e7a71004b4ea4cf6c11333e51b488062285fabd53062dd9f1

    • SSDEEP

      768:225G2UvUtf/e4CA01f6cwWwFHa37VuknHf0un:2Fy8E

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

discovery
Score
3/10

behavioral4

Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

discovery
Score
3/10

behavioral14

Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

discovery
Score
3/10

behavioral20

Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

Score
3/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10