Resubmissions

26/08/2023, 19:03

230826-xqhypacf65 8

26/08/2023, 18:13

230826-wtzvyaec51 1

26/08/2023, 18:03

230826-wm93bscd95 10

26/08/2023, 18:03

230826-wm463sec3w 1

26/08/2023, 18:00

230826-wlsfwscd78 10

26/08/2023, 11:10

230826-m94z6ahf86 10

26/08/2023, 11:04

230826-m6lz6sbe7t 10

General

  • Target

    http://t.me/excellent_stalcraft

  • Sample

    230826-xqhypacf65

Malware Config

Targets

    • Target

      http://t.me/excellent_stalcraft

    • Downloads MZ/PE file

    • Modifies Windows Firewall

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.
