Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3ca2cf99e713fc7f58dcc42f0b76d3133e985ba134ebc630a2deff01b15cc72f.exe
-
Size
40KB
-
Sample
241127-bkdacswjgk
-
MD5
0f94aa638e6d4b941666a47ab944b35f
-
SHA1
a9a9f606f3186e7f8c9f143f0c5daf39ef5868a2
-
SHA256
3ca2cf99e713fc7f58dcc42f0b76d3133e985ba134ebc630a2deff01b15cc72f
-
SHA512
c5738cbcb3f355e1a370e1900dd2dfdf003d19a1ffc06c4220c39b4b6cf6c514c64c709e4b85fd57498c33ab8c9ff961efc2f680e0a1cb53dd66353c3d27c1c2
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJ4e:JxqjQ+P04wsmJCM
Malware Config
Targets
-
-
Target
3ca2cf99e713fc7f58dcc42f0b76d3133e985ba134ebc630a2deff01b15cc72f.exe
-
Size
40KB
-
MD5
0f94aa638e6d4b941666a47ab944b35f
-
SHA1
a9a9f606f3186e7f8c9f143f0c5daf39ef5868a2
-
SHA256
3ca2cf99e713fc7f58dcc42f0b76d3133e985ba134ebc630a2deff01b15cc72f
-
SHA512
c5738cbcb3f355e1a370e1900dd2dfdf003d19a1ffc06c4220c39b4b6cf6c514c64c709e4b85fd57498c33ab8c9ff961efc2f680e0a1cb53dd66353c3d27c1c2
-
SSDEEP
768:eyxqjQl/EMQt4Oei7RwsHxyP7nbxzOQdJ4e:JxqjQ+P04wsmJCM
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Neshta family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-