General

  • Target

    NEAS.53de52681666c9f76258224aac7e94e0.exe

  • Size

    222KB

  • Sample

    231104-p8dgxsaa6v

  • MD5

    53de52681666c9f76258224aac7e94e0

  • SHA1

    1f27f8e818e14008f400b795fa70a9793d82bfcb

  • SHA256

    eb54dab9a40c3f156794c2c4294e04a44e25232e32602d38882ff59057d223ca

  • SHA512

    e7b22b80c3b7a34c33e48b2c1f0b8c9dc298c32ee5c565cc898e63ddf300dd38ebd4f9a0f1708cbfa587264354ab9edebdb228934218c9ebbc51511f38b54600

  • SSDEEP

    3072:9Gfxo/K9iTrBKshNLRO1TRPx9fKqEw9/DQdH2sFip1NLg67ACLYOLjguk:98oVrBKV1tPz9NJp1N868BOLEv

Malware Config

Extracted

Family

stealc

C2

http://howardwood.top

Attributes
  • url_path

    /e9c345fc99a4e67e.php

rc4.plain

Targets

    • Target

      NEAS.53de52681666c9f76258224aac7e94e0.exe

    • Stealc

      Stealc is an infostealer written in C++.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
