Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

0aa234562c...1d.exe

windows7-x64

10

0aa234562c...1d.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2023, 16:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0aa234562ce0bf67d4e737f8624d36246595aaada2600636f95edece48fe141d.exe

  • Size

    289KB

  • MD5

    1cb3a61bda12f936720f1c63bd35f373

  • SHA1

    b8a907e3b106603788c1ff9879692d2d8c24dbb2

  • SHA256

    0aa234562ce0bf67d4e737f8624d36246595aaada2600636f95edece48fe141d

  • SHA512

    e9adeaf84c7ef95615406943bda2b827d3700165ad5a68a8f3d0ac97f1ffce44c6e6b403da3f61e906815012f5812303f4aac414e6dab697aa9e2dda4f544c19

  • SSDEEP

    3072:VzBM0u2/iOoF7YFxXW5nhdXSOaw4hEUeDlig67YUQ5mESU/ICQj+/:Bq0uCnI7YFx8xAX6/I8

Score
10/10
stealcstealer

Malware Config

Extracted

Family

stealc

C2

http://finnmanninger.icu

Attributes
  • url_path

    /40d570f44e84a454.php

rc4.plain

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\0aa234562ce0bf67d4e737f8624d36246595aaada2600636f95edece48fe141d.exe
    "C:\Users\Admin\AppData\Local\Temp\0aa234562ce0bf67d4e737f8624d36246595aaada2600636f95edece48fe141d.exe"
    1⤵
      PID:1788

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1788-2-0x00000000002B0000-0x00000000002CB000-memory.dmp

      Filesize

      108KB

      Download

    • memory/1788-1-0x0000000002B40000-0x0000000002C40000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1788-3-0x0000000000400000-0x0000000002AC0000-memory.dmp

      Filesize

      38.8MB

      Download

    • memory/1788-4-0x0000000000400000-0x0000000002AC0000-memory.dmp

      Filesize

      38.8MB

      Download

    • memory/1788-5-0x00000000002B0000-0x00000000002CB000-memory.dmp

      Filesize

      108KB

      Download