Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.530e5456275541fd5ee1bf6ae45b43d0.exe
-
Size
378KB
-
Sample
231022-vv5bdafb99
-
MD5
530e5456275541fd5ee1bf6ae45b43d0
-
SHA1
8c5124a4db97094a7ad3cc2d8d5d1e6212b0006d
-
SHA256
0593a803d2734e979d86daccdfd17677cb047657baf6c672e7e32a2bfdee0295
-
SHA512
b43a0800d1891ec8afc943df07840e2f1a6c1e3c4b2c247b522665aea13955f69fdf10dd6c710250e42551fa136fee8a256e1301c07d249e9beb71b1e2c93406
-
SSDEEP
6144:NPDLCLqIo5R4nM/4AA4YjFmp3NJRV+LWby5HRVq+KcH+7Mdv0cF3PMSQOyQjAQTg:NPKL+qTiNV+LIy5HRVq+fhBFlQ4AQYd
Malware Config
Targets
-
-
Target
NEAS.530e5456275541fd5ee1bf6ae45b43d0.exe
-
Size
378KB
-
MD5
530e5456275541fd5ee1bf6ae45b43d0
-
SHA1
8c5124a4db97094a7ad3cc2d8d5d1e6212b0006d
-
SHA256
0593a803d2734e979d86daccdfd17677cb047657baf6c672e7e32a2bfdee0295
-
SHA512
b43a0800d1891ec8afc943df07840e2f1a6c1e3c4b2c247b522665aea13955f69fdf10dd6c710250e42551fa136fee8a256e1301c07d249e9beb71b1e2c93406
-
SSDEEP
6144:NPDLCLqIo5R4nM/4AA4YjFmp3NJRV+LWby5HRVq+KcH+7Mdv0cF3PMSQOyQjAQTg:NPKL+qTiNV+LIy5HRVq+fhBFlQ4AQYd
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-