Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.03106a8f6ba6c7b7172b3c5bf07129d0.exe
-
Size
5.6MB
-
Sample
231028-wl8swadc4z
-
MD5
03106a8f6ba6c7b7172b3c5bf07129d0
-
SHA1
3f55d8d9978c6bd77e4a50fa8def1ae0955c773f
-
SHA256
fc833521c8217cee92276e968b0360ab304d3e3a01053f63580d0139a8c0b13a
-
SHA512
73b1486696527a901ba07e1a19a24bec34312b6f096bc5e8b302ca91b46cd0e5c80118debf78be0fe62f0c08e5181e282534ad6f7ee21d987e5ce9a21a9f6f5f
-
SSDEEP
49152:Dc8+u/2bQC+NL2PmrkoCbGgdQMuzVZywWNSQy/E2LJuVzn1498B7MV33/q2kG1N6:vkj4L2obbTcT1B83vdr0Ol/Wy5i
Malware Config
Targets
-
-
Target
NEAS.03106a8f6ba6c7b7172b3c5bf07129d0.exe
-
Size
5.6MB
-
MD5
03106a8f6ba6c7b7172b3c5bf07129d0
-
SHA1
3f55d8d9978c6bd77e4a50fa8def1ae0955c773f
-
SHA256
fc833521c8217cee92276e968b0360ab304d3e3a01053f63580d0139a8c0b13a
-
SHA512
73b1486696527a901ba07e1a19a24bec34312b6f096bc5e8b302ca91b46cd0e5c80118debf78be0fe62f0c08e5181e282534ad6f7ee21d987e5ce9a21a9f6f5f
-
SSDEEP
49152:Dc8+u/2bQC+NL2PmrkoCbGgdQMuzVZywWNSQy/E2LJuVzn1498B7MV33/q2kG1N6:vkj4L2obbTcT1B83vdr0Ol/Wy5i
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-