Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
53afe9d9b6d3d99578268f0412eebcb0_NEIKI
-
Size
1.0MB
-
Sample
240507-2jhfssbg6v
-
MD5
53afe9d9b6d3d99578268f0412eebcb0
-
SHA1
03afa5c0a198ce0477c9d38fbde3415be07706fd
-
SHA256
4e46ef0aefb61df663f5528567a15ab8f3d7f9c6a3b181b9dcdf4fad5c9f191e
-
SHA512
97f9dae4daf66f5d72aa30afadff48d630328a2ed96335859b748e97e2afc9cebb1258aa266a92e753e5cd853aca6b0689f5bdc930d91eec1412c86d3ab0dee6
-
SSDEEP
12288:yiHFC+ndRNuG0LIX7K8L1d3cX3lvZo1Jhc4TEzWDtBX:Hz5X2M1d3cnFZo1JhcBaDtBX
Malware Config
Targets
-
-
Target
53afe9d9b6d3d99578268f0412eebcb0_NEIKI
-
Size
1.0MB
-
MD5
53afe9d9b6d3d99578268f0412eebcb0
-
SHA1
03afa5c0a198ce0477c9d38fbde3415be07706fd
-
SHA256
4e46ef0aefb61df663f5528567a15ab8f3d7f9c6a3b181b9dcdf4fad5c9f191e
-
SHA512
97f9dae4daf66f5d72aa30afadff48d630328a2ed96335859b748e97e2afc9cebb1258aa266a92e753e5cd853aca6b0689f5bdc930d91eec1412c86d3ab0dee6
-
SSDEEP
12288:yiHFC+ndRNuG0LIX7K8L1d3cX3lvZo1Jhc4TEzWDtBX:Hz5X2M1d3cnFZo1JhcBaDtBX
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-