General

  • Target

    d997bfdf3e557f77348736312e88f0f39d3cb359f8c6bce7bd82c73908bce045N.exe

  • Size

    465KB

  • Sample

    241117-x31n9swlft

  • MD5

    862e22ed53102f051e7c6d5e49305310

  • SHA1

    641876e8edeaca870ef15d986edeac78f664dd6e

  • SHA256

    d997bfdf3e557f77348736312e88f0f39d3cb359f8c6bce7bd82c73908bce045

  • SHA512

    626a01ae5fcd0d20e869675ff1b67080e4e6c935c3c42eab76fd3d1380dbe546eadf28ccf2cc70f4bfe05164c271a1353fce05c65c1530b7e5a6dbdaace50491

  • SSDEEP

    6144:Pul3L8RIqMmrQxYUDJzHRaR9bYLw5jMMYDct+Xp:k3LvJ81ORiNxMMYw+Xp

Malware Config

Targets

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.
