General

  • Target

    3ca2cf99e713fc7f58dcc42f0b76d3133e985ba134ebc630a2deff01b15cc72f.exe

  • Size

    40KB

  • Sample

    241127-bkdacswjgk

  • MD5

    0f94aa638e6d4b941666a47ab944b35f

  • SHA1

    a9a9f606f3186e7f8c9f143f0c5daf39ef5868a2

  • SHA256

    3ca2cf99e713fc7f58dcc42f0b76d3133e985ba134ebc630a2deff01b15cc72f

  • SHA512

    c5738cbcb3f355e1a370e1900dd2dfdf003d19a1ffc06c4220c39b4b6cf6c514c64c709e4b85fd57498c33ab8c9ff961efc2f680e0a1cb53dd66353c3d27c1c2

  • SSDEEP

    768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJ4e:JxqjQ+P04wsmJCM

Malware Config

Targets

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family injects itself into other files in order to spread and cause damage.

    • Neshta family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v15

Tasks
