Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    5c3eb5b07a659a40a9ae64ff894a99ba28e37396025e79ae5ac69da610b00605_JC.js

  • Size

    4.9MB

  • Sample

    231011-2j7qpabb67

  • MD5

    64ac20e66888256f82b39f5da285dbdb

  • SHA1

    30f70383bce411d3c786609ff3743fd46ffd9183

  • SHA256

    5c3eb5b07a659a40a9ae64ff894a99ba28e37396025e79ae5ac69da610b00605

  • SHA512

    bed46026e831ac1f1edcf51be4b3e3f6643121a791a809543642e2864f7ca55b9dfc34c13ff1f0380204ad7af9b7ccdc0cdc514cc71bc972df218030598f281a

  • SSDEEP

    24576:F4gLbd4/jdgj6XF83IVmQqbNMpFokXb8hDr2wxvJzX5BGdzJhTfSrDyQgPQMXQLc:B4hv1c5ipfYBrnzmPbSqEhcvbUbU1

Score
10/10

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

    • Target

      5c3eb5b07a659a40a9ae64ff894a99ba28e37396025e79ae5ac69da610b00605_JC.js

    • Size

      4.9MB

    • MD5

      64ac20e66888256f82b39f5da285dbdb

    • SHA1

      30f70383bce411d3c786609ff3743fd46ffd9183

    • SHA256

      5c3eb5b07a659a40a9ae64ff894a99ba28e37396025e79ae5ac69da610b00605

    • SHA512

      bed46026e831ac1f1edcf51be4b3e3f6643121a791a809543642e2864f7ca55b9dfc34c13ff1f0380204ad7af9b7ccdc0cdc514cc71bc972df218030598f281a

    • SSDEEP

      24576:F4gLbd4/jdgj6XF83IVmQqbNMpFokXb8hDr2wxvJzX5BGdzJhTfSrDyQgPQMXQLc:B4hv1c5ipfYBrnzmPbSqEhcvbUbU1

    Score
    10/10
    • Strela

      An info stealer targeting mail credentials first seen in late 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks