Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6113d465bdcfdb68db907ea3ca6ef14dbd3b166e7554bab271dc3aa2b3488621N
-
Size
1.1MB
-
Sample
241009-r9c9naxdnq
-
MD5
9121f55122a8bbf443163a6a215825c0
-
SHA1
bc13f94f222fafae220dba7f49d1f3accdacd028
-
SHA256
6113d465bdcfdb68db907ea3ca6ef14dbd3b166e7554bab271dc3aa2b3488621
-
SHA512
f5b465d2da5395b1cf971a8c53b42da618c2b9bd03967c5e8e5b8e99066c8c6f0094dc9e97e355263ee639236f4b3bcfab585d00c9e35afb4b1770e4fb102ae4
-
SSDEEP
12288:QZieLSoEq4rgwdMJSP81JFuJTtukZJyVqQnWSXho78tftKxKtsjWgcmIQwPNHtTl:neLSoMQStVZEgQt2QtFKWsjumbaNHNl
Malware Config
Targets
-
-
Target
6113d465bdcfdb68db907ea3ca6ef14dbd3b166e7554bab271dc3aa2b3488621N
-
Size
1.1MB
-
MD5
9121f55122a8bbf443163a6a215825c0
-
SHA1
bc13f94f222fafae220dba7f49d1f3accdacd028
-
SHA256
6113d465bdcfdb68db907ea3ca6ef14dbd3b166e7554bab271dc3aa2b3488621
-
SHA512
f5b465d2da5395b1cf971a8c53b42da618c2b9bd03967c5e8e5b8e99066c8c6f0094dc9e97e355263ee639236f4b3bcfab585d00c9e35afb4b1770e4fb102ae4
-
SSDEEP
12288:QZieLSoEq4rgwdMJSP81JFuJTtukZJyVqQnWSXho78tftKxKtsjWgcmIQwPNHtTl:neLSoMQStVZEgQt2QtFKWsjumbaNHNl
Score10/10-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-