General

  • Target

    66840179011e152877aefe091cea8311422b801d1c189d0157be1ecf21742056.exe

  • Size

    8.0MB

  • Sample

    241117-sd63jaxjaq

  • MD5

    2ca42227981b788111af07f25ac6261c

  • SHA1

    64fd5cab7c5c038bd49eac315350f23c73c81660

  • SHA256

    66840179011e152877aefe091cea8311422b801d1c189d0157be1ecf21742056

  • SHA512

    8900015526f0264da322a257d552224479941044a415acf10f593a77761524848c1deb8387c189164ccb1b4f3d02990468996cf0003933e688f8cca884865654

  • SSDEEP

    196608:XbEGIvoTLRugGP9N2WDxovI1QBujVv133:gGT9O9NL2giBujR1n

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
