General

  • Target

    6639950729836.zip

  • Size

    563KB

  • Sample

    230718-ny1n2ahg66

  • MD5

    7e94906a24ad210fd638901b9751ca93

  • SHA1

    7fe1a4a9252d6e75679129cc1c860c2240b84217

  • SHA256

    90fdd5813bf115673f5220b77dc68f450cac9f467700b6f1abaeb5260ccd771b

  • SHA512

    d245eaaaab3e5ef45804570f578ae9d1ee8e9efb97e6b113817bcfad0bfc92fa2aef72173bb3e4b3214a7ec0387912130939cd25f305bc4cfb12810a1c3a1033

  • SSDEEP

    12288:rZfzh36Y+RHGYsYovkBcuLRLltMw6+nhToD:lNqjHGxYokmuLRNtuD

Score
10/10

Malware Config

Extracted

Family

strela

C2

91.215.85.209

Targets

    • Target

      6639950729836.js

    • Size

      74.0MB

    • MD5

      e5a55b225ad42f2b7e478a984655a2c2

    • SHA1

      1885af9595e2b236b11f7a9c5f772ccbf1005afc

    • SHA256

      e007dd656023560ad7f1552a6c912a94a7a0e91e17f2394bcd2a634b6cf68bb8

    • SHA512

      b99f9d112f0af34903b66bfc82f1ee28119f420ac0c138c7870177439c179eb2ab484360c8ac50575ec58c9af9a2fdd73bb7f091281224a43b8fbb9689301e7e

    • SSDEEP

      24576:kDSFysLyxcKqk5PZthZD39wSfF3qIbWeO5+81ZMJx4IxUt9JQi:2xg

    Score
    10/10
    • Strela

      An info stealer targeting mail credentials first seen in late 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
