Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
build2.exe
-
Size
585KB
-
Sample
230521-tt757sdh5x
-
MD5
cbfca6bac76bae78506b23ef0c5f2a20
-
SHA1
ec0998d7e46b457432a4de49b3dc8330ae892254
-
SHA256
15fedc86e87841c141b113efa635ef5b7d28f7cf906597a60354cd2d3ba85e3b
-
SHA512
a5d1b700184e4c2412315ee092ae2086985f013c684c843e489080cd4460f020957d8e4553eff36aef58a1b83416a84cd262c448038522987fb8bf60db956375
-
SSDEEP
12288:q5uHsKs5FNFfcaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFFc5cbc1cT:q5GTD+b
Malware Config
Targets
-
-
Target
build2.exe
-
Size
585KB
-
MD5
cbfca6bac76bae78506b23ef0c5f2a20
-
SHA1
ec0998d7e46b457432a4de49b3dc8330ae892254
-
SHA256
15fedc86e87841c141b113efa635ef5b7d28f7cf906597a60354cd2d3ba85e3b
-
SHA512
a5d1b700184e4c2412315ee092ae2086985f013c684c843e489080cd4460f020957d8e4553eff36aef58a1b83416a84cd262c448038522987fb8bf60db956375
-
SSDEEP
12288:q5uHsKs5FNFfcaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFFc5cbc1cT:q5GTD+b
Score10/10-
StormKitty
StormKitty is an open source info stealer written in C#.
-
StormKitty payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-