General

  • Target

    5b0017ef2fbd79d5365657aca35863bbaf7609616b207e7d68e293652bc41b23

  • Size

    239KB

  • Sample

    231102-t1lwjsfb3t

  • MD5

    d11243a9aea023b79805ce4c0935af8a

  • SHA1

    99942470433c5398602d36a58c2ddced623f2f2f

  • SHA256

    5b0017ef2fbd79d5365657aca35863bbaf7609616b207e7d68e293652bc41b23

  • SHA512

    41ba65d816c1348a35a7e197c701c1566a6dab89563774fb860c11c134d12be728f487fdb5c53101f00cfb83b35da84164982f3709425153d67cfeada8d4960b

  • SSDEEP

    3072:FLoeHIHPbxSC3EXuEfS4UkDzqLmLrDweMsllTLO2Pmw2i0xYTAV:BoFHPbxIXuES4/vkm/DweMsjLOomY0i

Malware Config

Extracted

Family

stealc

C2

http://ronaldrichards.icu

Attributes

  • url_path

    /e9c345fc99a4e67e.php

  • rc4.plain

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
