General
-
Target
Nezur_Executor.zip
-
Size
40.6MB
-
Sample
240911-p4832a1hlf
-
MD5
ca1a4380351b3ac3deb02121ca7fe834
-
SHA1
623653b1db860244da87e5f1f9f57664e189742f
-
SHA256
4c3d790cd1d2d9da3fd730a36749a2f243b81bcf07b7996da644b58cd0196f86
-
SHA512
c99bf4a5e5c1adacab4e3998e6b39caa9c505ab0327b5aa679d9d2c367474041a875e8faa34f69cf09741cc54001016265696424d57e3666cff14c15c75ecc3b
-
SSDEEP
786432:697Cn4V8iuXcfyrQ9JhotaS9rv+i+OjdRjtwFKIpeq83Wr/KJiLjRVJnGfMTi:6snuuIIAEdRvHji8qqiKoNnnGr
Tasks
Task | Sample | Resource
static1 (static task)
behavioral1 | Nezur_Executor.zip | win7-20240903-en
behavioral2 | Nezur_Executor.zip | win10v2004-20240802-en
behavioral3 | Nezur_Interface.deps.json | win7-20240903-en
behavioral4 | Nezur_Interface.deps.json | win10v2004-20240802-en
behavioral5 | Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint | win7-20240903-en
behavioral6 | Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint | win10v2004-20240802-en
behavioral7 | Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json | win7-20240708-en
behavioral8 | Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json | win10v2004-20240802-en
behavioral9 | Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json | win7-20240903-en
behavioral10 | Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json | win10v2004-20240802-en
behavioral11 | Nezur_Interface.exe.WebView2/EBWebView/Breadcrumbs | win7-20240903-en
behavioral12 | Nezur_Interface.exe.WebView2/EBWebView/Breadcrumbs | win10v2004-20240802-en
behavioral13 | Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9A3F-707C.pma | win7-20240903-en
behavioral14 | Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9A3F-707C.pma | win10v2004-20240802-en
behavioral15 | Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9B8F-861C.pma | win7-20240704-en
behavioral16 | Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9B8F-861C.pma | win10v2004-20240802-en
behavioral17 | Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/crl-set | win7-20240903-en
behavioral18 | Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/crl-set | win10v2004-20240802-en
behavioral19 | Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.fingerprint | win7-20240729-en
behavioral20 | Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.fingerprint | win10v2004-20240802-en
behavioral21 | Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.json | win7-20240903-en
behavioral22 | Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.json | win10v2004-20240802-en
behavioral23 | Nezur_Interface.exe.WebView2/EBWebView/Crashpad/settings.dat | win7-20240903-en
behavioral24 | Nezur_Interface.exe.WebView2/EBWebView/Crashpad/settings.dat | win10v2004-20240802-en
behavioral25 | Nezur_Interface.exe.WebView2/EBWebView/Crashpad/throttle_store.dat | win7-20240903-en
behavioral26 | Nezur_Interface.exe.WebView2/EBWebView/Crashpad/throttle_store.dat | win10v2004-20240802-en
behavioral27 | Nezur_Interface.exe.WebView2/EBWebView/CrashpadMetrics-active.pma | win7-20240704-en
behavioral28 | Nezur_Interface.exe.WebView2/EBWebView/CrashpadMetrics-active.pma | win10v2004-20240802-en
behavioral29 | Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0 | win7-20240708-en
behavioral30 | Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0 | win10v2004-20240802-en
behavioral31 | Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1 | win7-20240903-en
behavioral32 | Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1 | win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Nezur_Executor.zip
-
Size
40.6MB
-
MD5
ca1a4380351b3ac3deb02121ca7fe834
-
SHA1
623653b1db860244da87e5f1f9f57664e189742f
-
SHA256
4c3d790cd1d2d9da3fd730a36749a2f243b81bcf07b7996da644b58cd0196f86
-
SHA512
c99bf4a5e5c1adacab4e3998e6b39caa9c505ab0327b5aa679d9d2c367474041a875e8faa34f69cf09741cc54001016265696424d57e3666cff14c15c75ecc3b
-
SSDEEP
786432:697Cn4V8iuXcfyrQ9JhotaS9rv+i+OjdRjtwFKIpeq83Wr/KJiLjRVJnGfMTi:6snuuIIAEdRvHji8qqiKoNnnGr
Score
1/10
-
-
Target
Nezur_Interface.deps.json
-
Size
2KB
-
MD5
b8394a7fd229ac896063656faa549c14
-
SHA1
310e668394d86b54c44652d353d36697a65b68e3
-
SHA256
862e148edf85fef33459c7915ae34f98ccbe8fe3f2d276f2a8458c8ac2afbc15
-
SHA512
7b0a913cd975cd232739c60534967abbeb1c32eafd38b2fd80894444505ff4999865517d629c3ae4e3161c2e2c5276d2f51646f32d7944c89ab3c1aed4177c14
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.fingerprint
-
Size
66B
-
MD5
0c9218609241dbaa26eba66d5aaf08ab
-
SHA1
31f1437c07241e5f075268212c11a566ceb514ec
-
SHA256
52493422ac4c18918dc91ef5c4d0e50c130ea3aa99915fa542b890a79ea94f2b
-
SHA512
5d25a1fb8d9e902647673975f13d7ca11e1f00f3c19449973d6b466d333198768e777b8cae5becef5c66c9a0c0ef320a65116b5070c66e3b9844461bb0ffa47f
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/manifest.json
-
Size
134B
-
MD5
58d3ca1189df439d0538a75912496bcf
-
SHA1
99af5b6a006a6929cc08744d1b54e3623fec2f36
-
SHA256
a946db31a6a985bdb64ea9f403294b479571ca3c22215742bdc26ea1cf123437
-
SHA512
afd7f140e89472d4827156ec1c48da488b0d06daaa737351c7bec6bc12edfc4443460c4ac169287350934ca66fb2f883347ed8084c62caf9f883a736243194a2
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/AutoLaunchProtocolsComponent/1.0.0.8/protocols.json
-
Size
3KB
-
MD5
6bbb18bb210b0af189f5d76a65f7ad80
-
SHA1
87b804075e78af64293611a637504273fadfe718
-
SHA256
01594d510a1bbc016897ec89402553eca423dfdc8b82bafbc5653bf0c976f57c
-
SHA512
4788edcfa3911c3bb2be8fc447166c330e8ac389f74e8c44e13238ead2fa45c8538aee325bd0d1cc40d91ad47dea1aa94a92148a62983144fdecff2130ee120d
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/Breadcrumbs
-
Size
5KB
-
MD5
1f75233a82303ab70d5a1773f011bf58
-
SHA1
9ae9ea42f2c6382083c350fdadd086d0b0881816
-
SHA256
5aa38d51814608aa9ee8cce514f942da9ef8291dc2ae365d4fff4878dcd30721
-
SHA512
925685167152a07e954018c00c60895fa55f1a92d3bfcd36d64a228c7106396020ca20cc30037d23770deb0561b571a07079e1f896c79ca5a70eb70e39201720
-
SSDEEP
24:EVo9LhSTkqGDmVo9LhSTkqGAmVo9LhSTkqG0IVo9LhSTkqGQq8IVo9LhSTkqGzx:E+Iwm+Ibm+ItI+IlJI+Ii
Score
1/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9A3F-707C.pma
-
Size
1.2MB
-
MD5
9b37de479b5376ffc3722ffdeb49631f
-
SHA1
95547905366d95a5ca92f31ad850a0ba3bded9fd
-
SHA256
d1ad5c7a8c0802bb45de4cba6620bab00c6e780e48e45366ad4c46cfad284de9
-
SHA512
9a0f171a5bd0437e1b5f03c216dba6a85b581a6781382c055eee402856cfd445bab68c932d1ebe841d6831adc575201a538e406d84441e3fa3e43a1c1d0e9ebe
-
SSDEEP
6144:PjbN56EaH7M4ivD0/JpopuhNLfSm7YSJi:l56nbUS5Hb
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/BrowserMetrics/BrowserMetrics-66DF9B8F-861C.pma
-
Size
1.2MB
-
MD5
238daf174c6ed40b8eb3df1769305271
-
SHA1
f3baeba758b5ed726a98191cfa9435e36b37928d
-
SHA256
a2f2998803273a5177e7761d79534e37bbfef70af7ad5eaa7c4164da09c33f34
-
SHA512
68ae927f4e372c19ae776155403e05266c560f7b31a83e595c12ba90aeec5491a6dfc133f1b50d1bfe3c62d13cd6884fffbd3ff9b030731a9cb68aec8c02e6c1
-
SSDEEP
3072:pTWGxT/KbKTx3FphAg1HFZ8PF+ivHECHAP0eXaKToCQq:5BTp3F8aH7GNvHdsXzToCQq
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/crl-set
-
Size
21KB
-
MD5
d246e8dc614619ad838c649e09969503
-
SHA1
70b7cf937136e17d8cf325b7212f58cba5975b53
-
SHA256
9dd9fba7c78050b841643e8d12e58ba9cca9084c98039f1ebff13245655652e1
-
SHA512
736933316ee05520e7839db46da466ef94e5624ba61b414452b818b47d18dcd80d3404b750269da04912dde8f23118f6dfc9752c7bdf1afc5e07016d9c055fdb
-
SSDEEP
384:Vt71+czeWhU6yVS2Ddc0fp/9yYoIJgWUeJuDzeG0LOsr2h9ltQYX9hVPz/HG1pBu:j4sBwVPDdFhVyYoPWUiuXeG0K5dQYXFr
Score
1/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.fingerprint
-
Size
66B
-
MD5
33fc4bf1927352bc1845acdde3a6ba63
-
SHA1
63ac2f004ac10198e729e9ccf55f6ac4f7f3c622
-
SHA256
4ed04e713c9d8f5d80e83645b62f1be84ec0516d37f339b3d443d8f792dea113
-
SHA512
7e38e264713750baf58dd9ad779885a7aae5a6fcb825eaa44b3cf814dd09cd0bf8f95b5ab5db600d19a64b02ec2155b4c9a3bc2a86e9b18eece8b3100e8c2ff1
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/CertificateRevocation/6498.2023.8.1/manifest.json
-
Size
113B
-
MD5
b6911958067e8d96526537faed1bb9ef
-
SHA1
a47b5be4fe5bc13948f891d8f92917e3a11ebb6e
-
SHA256
341b28d49c6b736574539180dd6de17c20831995fe29e7bc986449fbc5caa648
-
SHA512
62802f6f6481acb8b99a21631365c50a58eaf8ffdf7d9287d492a7b815c837d6a6377342e24350805fb8a01b7e67816c333ec98dcd16854894aeb7271ea39062
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/Crashpad/settings.dat
-
Size
280B
-
MD5
4a926fa9dd210cf5a67b0db875312045
-
SHA1
605705863f2d295c20ab03c1703982b177805b3b
-
SHA256
2ec07e12fe2470b7f5fd0e6ad82161e0d49aaee76689c579b80c5bd9d7c6f18d
-
SHA512
7947157aa20ebe86780e53334dd10a6a22e7cfa6d92a3a44058fdae7aa5ce688099432929cf4b2b509075022892f9ea1563276426cc86e399980dbc4614f960c
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/Crashpad/throttle_store.dat
-
Size
20B
-
MD5
9e4e94633b73f4a7680240a0ffd6cd2c
-
SHA1
e68e02453ce22736169a56fdb59043d33668368f
-
SHA256
41c91a9c93d76295746a149dce7ebb3b9ee2cb551d84365fff108e59a61cc304
-
SHA512
193011a756b2368956c71a9a3ae8bc9537d99f52218f124b2e64545eeb5227861d372639052b74d0dd956cb33ca72a9107e069f1ef332b9645044849d14af337
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/CrashpadMetrics-active.pma
-
Size
16KB
-
MD5
cbb7b43e319785607876914fb737a32b
-
SHA1
e921e4b2602a9316d1104d7adc24e497b106c916
-
SHA256
ad9334d3318afea2d3c9c4f42b94a040c8bf657d612825573fc2b2d1189d3090
-
SHA512
655624930fcd93332cab1269c3c8afe9a69bd12ea7931627691c3a074de4f09a21168eb6c8350fec280739f0425267c8ffcf124ab93723a12fcbec46cdbaaa9c
-
SSDEEP
12:bCsEXhVMMBKiSCemJKlkQyqXxVhYJ0I+pPK6BsyW1inP6:bCPROMMiS+MkgxYWIE1BtXP
Score
3/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_0
-
Size
44KB
-
MD5
e16b6e23f0e621ea5b329e0cf5c5a5d2
-
SHA1
b5ce58d902c5d252c229c14a113e432a5d9e881d
-
SHA256
f9be1856c0af0444407c905c99fb582ba435c1cffc2db6e57c0ff939b6a853a0
-
SHA512
a0091bcd142c1cde4df1b016c36d4fa748a95a2bbf9ffcc119dcef069b39fdb6546b438f67853fce01cae8b95a53694cd43a7bd4db7abfcd0b953956a073d618
-
SSDEEP
24:dnhE8CYMCmgw4ad0o/7k8WJ08x00xL1md+Xu+QQCmwgjeVORasm7L:bEVYMCmhr00p8xZx5mdyu9g5ksm7L
Score
1/10
-
-
Target
Nezur_Interface.exe.WebView2/EBWebView/Default/Cache/Cache_Data/data_1
-
Size
264KB
-
MD5
a93ec261f5741390a1cf51d936c3cbbe
-
SHA1
85f142338ab9dc4970685a4b70a9efc4a0488448
-
SHA256
2b085b59d34f328437380f1001036f89fa2a574ebd12edbbe98cc0c5d3eed188
-
SHA512
d18ef986ad564e9dd11cb2349efbad4bb604d6299bb42e6842c91785e21ee9fe7faad8f70f81948e7a71004b4ea4cf6c11333e51b488062285fabd53062dd9f1
-
SSDEEP
768:225G2UvUtf/e4CA01f6cwWwFHa37VuknHf0un:2Fy8E
Score
1/10