Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5f17174268a69045cc443295f17a32b76ab2ccd908e3fa0ab880e6a2c0a1a6ba
-
Size
837KB
-
Sample
221020-d3n6pacdb3
-
MD5
816aa88d1695d63d7493ae6d360f235c
-
SHA1
6ee14a1b7bedd9eaf4042f797d4a06bf1fbdaef6
-
SHA256
5f17174268a69045cc443295f17a32b76ab2ccd908e3fa0ab880e6a2c0a1a6ba
-
SHA512
e038533a57ed1a2700775df10f4bc70c1b2b751113d43ce2a597b5811ee72591955bf4d298299b643f83fb97cfd8649d61a9e211c5db511dd5818d63584f95c6
-
SSDEEP
12288:svGkvn6WIi9aDhoFPp37jtHslw7QdtL8L4f7mpEqUvmyXLgbvVi8lT:kd6WIioDh+PzMlAn1mV8T
Malware Config
Targets
-
-
Target
5f17174268a69045cc443295f17a32b76ab2ccd908e3fa0ab880e6a2c0a1a6ba
-
Size
837KB
-
MD5
816aa88d1695d63d7493ae6d360f235c
-
SHA1
6ee14a1b7bedd9eaf4042f797d4a06bf1fbdaef6
-
SHA256
5f17174268a69045cc443295f17a32b76ab2ccd908e3fa0ab880e6a2c0a1a6ba
-
SHA512
e038533a57ed1a2700775df10f4bc70c1b2b751113d43ce2a597b5811ee72591955bf4d298299b643f83fb97cfd8649d61a9e211c5db511dd5818d63584f95c6
-
SSDEEP
12288:svGkvn6WIi9aDhoFPp37jtHslw7QdtL8L4f7mpEqUvmyXLgbvVi8lT:kd6WIioDh+PzMlAn1mV8T
Score10/10-
Modifies system executable filetype association
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-