Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Tiger Stock_20180517.exe
-
Size
3.3MB
-
Sample
230614-pwpz7aha98
-
MD5
4ea12c2a4b9d5d02f39d5e028f94dd17
-
SHA1
0459586d1fc703780a13a8a84aefc9ea8f076acb
-
SHA256
e1173c0d41cefba870204cb15a7f6a7825bfa3a9a7ce370d431ef922126b1de6
-
SHA512
ea5ecd4769e357392ac2c325b6569961d1aa8c112ed322f04cda558fbf685ea606ad0ca3c205693f2ba862d74a16b5aebaa001ce9255c9a643999ad0aa72742a
-
SSDEEP
49152:Kz32Lnt49YMJM4YKU6YIODur1/hcwxXVTrnW52hN:KiJWJM41UTDur1/uAlWI
Malware Config
Targets
-
-
Target
Tiger Stock_20180517.exe
-
Size
3.3MB
-
MD5
4ea12c2a4b9d5d02f39d5e028f94dd17
-
SHA1
0459586d1fc703780a13a8a84aefc9ea8f076acb
-
SHA256
e1173c0d41cefba870204cb15a7f6a7825bfa3a9a7ce370d431ef922126b1de6
-
SHA512
ea5ecd4769e357392ac2c325b6569961d1aa8c112ed322f04cda558fbf685ea606ad0ca3c205693f2ba862d74a16b5aebaa001ce9255c9a643999ad0aa72742a
-
SSDEEP
49152:Kz32Lnt49YMJM4YKU6YIODur1/hcwxXVTrnW52hN:KiJWJM41UTDur1/uAlWI
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-