General

  • Target

    136aff853514ca7aba662cc26bc54cfb92d58e6477752ce3a8948ff9f1117499

  • Size

    414KB

  • Sample

    240422-wnnkqaeb99

  • MD5

    df1ecb1fc2d0480ef5a0e569543d14e9

  • SHA1

    8c90b5a6caab28b852cde352011752cb2761fdf9

  • SHA256

    136aff853514ca7aba662cc26bc54cfb92d58e6477752ce3a8948ff9f1117499

  • SHA512

    4e8af41bdd90a6a2f2008be558041678608761703bbbd4f08a55ff1305464319bb96cbd53071c71f83a73ee6d1189a3a3aa3c91e69c3aae9626e3e209671aad4

  • SSDEEP

    6144:GaNowv7MR+dM+A4K3Kc8Y2Yem0IuONlLfiFtDgjTUGU6J54:GaNPv7Q+72K4eYrlLQDg0xo4

Score
10/10

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
