General

  • Target

    NEAS.5b391f8b4bf3c7f29e6f0d770b2d04e0_JC.exe

  • Size

    1.1MB

  • Sample

    231101-kvl5paeb9s

  • MD5

    5b391f8b4bf3c7f29e6f0d770b2d04e0

  • SHA1

    a905c112cf04f41e93c72b009b6d319c086243a7

  • SHA256

    726769b2b9ad1d7e84b107c982944aa1335012b2200b46b8197e7eb232c32abd

  • SHA512

    2cfa8b8ec34c18f80f256150d3f0e1738d822fb042d19ea445e0139b997c572ad874c24347ee0c6df8eaffe9bac21312119bbfc729021c274ae543805fb6e213

  • SSDEEP

    24576:8eh4biccwWcz+9N+gigYb484ecjxJjpZ/BA9:8j4EmZNE

Malware Config

Extracted

Family

stealc

C2

http://tetromask.site

Attributes
  • url_path

    /b5c586aec2e1004c.php

rc4.plain

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
