General
Target: NEAS.01d8281d1a6a2e6abca5a72111aa6d10.exe
Size: 474KB
Sample: 231102-jpzcdshc21
MD5: 01d8281d1a6a2e6abca5a72111aa6d10
SHA1: e551b2d052830707d0358cacaddffd3a209f9cfd
SHA256: dc016f4b2737064cf1ffe09621246f991dd99e43b49f47ef8f8a424af4f336e0
SHA512: 6be64df83c0fc4ed930f543d685604123d3009f4c2cd7ea20d0ed9a411af2e8e6767f2309466debd190e5fd47235264ac42d7f6bfb9bfbd3892dc6755e918e33
SSDEEP: 12288:LWx4fXNjJId6LYJOvNklmhAIQLFPMdV4FgwO:JfXNjJId6LYIvLAPJkdV4KX
Behavioral task: behavioral1
Sample: NEAS.01d8281d1a6a2e6abca5a72111aa6d10.exe
Resource: win7-20231020-en

Behavioral task: behavioral2
Sample: NEAS.01d8281d1a6a2e6abca5a72111aa6d10.exe
Resource: win10v2004-20231023-en
Malware Config
Targets
Target: NEAS.01d8281d1a6a2e6abca5a72111aa6d10.exe
Score: 10/10

Detect Neshta payload

Neshta: Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL

Modifies system executable filetype association