Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    136aff853514ca7aba662cc26bc54cfb92d58e6477752ce3a8948ff9f1117499

  • Size

    414KB

  • Sample

    240422-wnnkqaeb99

  • MD5

    df1ecb1fc2d0480ef5a0e569543d14e9

  • SHA1

    8c90b5a6caab28b852cde352011752cb2761fdf9

  • SHA256

    136aff853514ca7aba662cc26bc54cfb92d58e6477752ce3a8948ff9f1117499

  • SHA512

    4e8af41bdd90a6a2f2008be558041678608761703bbbd4f08a55ff1305464319bb96cbd53071c71f83a73ee6d1189a3a3aa3c91e69c3aae9626e3e209671aad4

  • SSDEEP

    6144:GaNowv7MR+dM+A4K3Kc8Y2Yem0IuONlLfiFtDgjTUGU6J54:GaNPv7Q+72K4eYrlLQDg0xo4

Score
10/10
stealcstealer

Malware Config

Targets

    • Target

      136aff853514ca7aba662cc26bc54cfb92d58e6477752ce3a8948ff9f1117499

    • Size

      414KB

    • MD5

      df1ecb1fc2d0480ef5a0e569543d14e9

    • SHA1

      8c90b5a6caab28b852cde352011752cb2761fdf9

    • SHA256

      136aff853514ca7aba662cc26bc54cfb92d58e6477752ce3a8948ff9f1117499

    • SHA512

      4e8af41bdd90a6a2f2008be558041678608761703bbbd4f08a55ff1305464319bb96cbd53071c71f83a73ee6d1189a3a3aa3c91e69c3aae9626e3e209671aad4

    • SSDEEP

      6144:GaNowv7MR+dM+A4K3Kc8Y2Yem0IuONlLfiFtDgjTUGU6J54:GaNPv7Q+72K4eYrlLQDg0xo4

    Score
    10/10
    stealcstealer

    • Stealc

      Stealc is an infostealer written in C++.

      stealerstealc

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks