3d708e28ab426351003537dd67bc6fbf36bd3420f620c600b003d0f1acbee6af | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

cstealer-m...ler.py

windows7-x64

3

cstealer-m...ler.py

windows10-2004-x64

3

cstealer-m...ll.bat

windows7-x64

1

cstealer-m...ll.bat

windows10-2004-x64

8

Sharing

General

Target

cstealer-main.zip
Size

1.1MB
Sample

240802-vst3masemr
MD5

6d0e23bc358840ba33aa3f1f651d1365
SHA1

31b3c2d3f79d544c3642fa90af43a50ffbfee764
SHA256

3d708e28ab426351003537dd67bc6fbf36bd3420f620c600b003d0f1acbee6af
SHA512

92d37c38af43aed0a6bd6ac29cec356f9c30d3d0a933f1a279b2a27417bcc7e95b746e40b12ed764c1a9b763e3152fe1812900f51b83f2d38d3f22f5700fdf35
SSDEEP

24576:tmn7bJ0O0qKVpguPHg3csOHB5cPRkRzWb6meFnqkRrlq5:tah02KMcJRRzWbIqk3q

Score

8^/10

defense_evasion discovery

Static task

static1

Behavioral task

behavioral1

Sample

cstealer-main/cstealer.py

Resource

win7-20240708-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

cstealer-main/cstealer.py

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

cstealer-main/install.bat

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

cstealer-main/install.bat

Resource

win10v2004-20240802-en

defense_evasion

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  cstealer-main/cstealer.py
- Size
  
  54KB
- MD5
  
  ec3b69b6805856632c297d0969c9a87c
- SHA1
  
  d111dfcf43ad9686f950685e62d9da934716f7cb
- SHA256
  
  d597d764b7bfb2e7e10a087e7671c0a7edb5732a16e7efff277d1a5d7b2cc00d
- SHA512
  
  b4e159b19b77b4f36006f52e95409c185214ca26fcd195408f5a88bffef95e9e0dc82b626f70d7c38727b5b0c9cc7de1a9f922a3e0f21fae4dcc473d85ed8806
- SSDEEP
  
  1536:dTjwFKWGs8SMApj48b9tTLC0DJ9JN18KTI6+8:dRswKj48b9lLnJ9N8KTJ
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  cstealer-main/install.bat
- Size
  
  49B
- MD5
  
  ebeaccf4443e852caac1dd62952d3c43
- SHA1
  
  02ce957a5144a3dfd1558cb71183b437f6ae37c8
- SHA256
  
  ebda70b1032e47f5e35e1de47d993d8d8e0d3718e6d4f345ce6432f6dcffb705
- SHA512
  
  34324a97ceb9dd7ac46a4906ae049fbd225ed904bcd85dc0b029ff6e66353d07e41d019c2a8139205a35b492c3f2aee8f674c14019b7006a9672f8bd6d072a49
Score

8^/10

defense_evasion
- Downloads MZ/PE file
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

defense_evasion

© 2018-2025

Terms | Privacy