Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6a81c46a52523e78bfd1615e1c723f30N.exe
-
Size
146KB
-
Sample
240821-qr9dpsthpn
-
MD5
6a81c46a52523e78bfd1615e1c723f30
-
SHA1
b1276556f6873ba29e02206d3dfe3257fea852fe
-
SHA256
7857216819f2655574dfbef7833b68b70dd2ff60fe4d1326d374590e9395e50a
-
SHA512
d7df7857f46935bfd0549bada703147ca518e9538b8e89b019365fca72edbc232acbd2e43a1ca7914a03df9b2978a0875cf816c0c9e7d6b15af42c0945aa4d6f
-
SSDEEP
3072:zr8WDrCykbAYn2GgYlBYN2fHYTo+krt8wDSRUTT:PuTbAMpgY3gTC8DRUTT
Malware Config
Targets
-
-
Target
6a81c46a52523e78bfd1615e1c723f30N.exe
-
Size
146KB
-
MD5
6a81c46a52523e78bfd1615e1c723f30
-
SHA1
b1276556f6873ba29e02206d3dfe3257fea852fe
-
SHA256
7857216819f2655574dfbef7833b68b70dd2ff60fe4d1326d374590e9395e50a
-
SHA512
d7df7857f46935bfd0549bada703147ca518e9538b8e89b019365fca72edbc232acbd2e43a1ca7914a03df9b2978a0875cf816c0c9e7d6b15af42c0945aa4d6f
-
SSDEEP
3072:zr8WDrCykbAYn2GgYlBYN2fHYTo+krt8wDSRUTT:PuTbAMpgY3gTC8DRUTT
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-