General

  • Target

    07596ca20b3e197f4e03f9a88cd163ddeff5b6f521df937ffb1e0ef9746a78b6

  • Size

    136KB

  • Sample

    220727-zky4tshdcm

  • MD5

    a64c16946bf03bfa2c52aba4dd0b55cc

  • SHA1

    7e048b042f7eee728bbac2720716bae32c9a236a

  • SHA256

    07596ca20b3e197f4e03f9a88cd163ddeff5b6f521df937ffb1e0ef9746a78b6

  • SHA512

    0289c12d8b8b4af7dca30cf862f252a14698a17dbf7d2b71eb941ec72b3eb5bc72a1c034eb4c19720ee04a943af7183758d08c9bb7abfdb224cee31b12d9921d

Malware Config

Targets

    • Target

      07596ca20b3e197f4e03f9a88cd163ddeff5b6f521df937ffb1e0ef9746a78b6

    • StormKitty

      StormKitty is an open source info stealer written in C#.

    • StormKitty payload

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks
