General

  • Target: 95a742a546546bce1590d9ac8cb15c5a681593688133d6d92680bbf9ee299f36
  • Size: 2.5MB
  • Sample: 240808-2mav5avgjc
  • MD5: d90f73c7ff1684b33e76141951e709a3
  • SHA1: 2508afb0008ca21997a6bc449fb7feb48529d941
  • SHA256: 95a742a546546bce1590d9ac8cb15c5a681593688133d6d92680bbf9ee299f36
  • SHA512: 96620a7a6a4d8781caffe1733107d15aaa005944e75f434c1ee53a5d0ce356255e4f8b688aeda639b70c93503cd0925f2b9c1234fc1464f17478d97eb84ec724
  • SSDEEP: 49152:ZQGYcVhpnz0dX9ra5tz+Len/Bg4hnxYLCXX6yR3MLR:ZQGYkpnz099W5tmen/RJZRER

Malware Config

Extracted

  • Family: stealc
  • Botnet: default
  • C2: http://185.215.113.24
  • Attributes
    • url_path: /e2b1563c6670f193.php

Targets

    • Target: 95a742a546546bce1590d9ac8cb15c5a681593688133d6d92680bbf9ee299f36
    • Size: 2.5MB
    • MD5: d90f73c7ff1684b33e76141951e709a3
    • SHA1: 2508afb0008ca21997a6bc449fb7feb48529d941
    • SHA256: 95a742a546546bce1590d9ac8cb15c5a681593688133d6d92680bbf9ee299f36
    • SHA512: 96620a7a6a4d8781caffe1733107d15aaa005944e75f434c1ee53a5d0ce356255e4f8b688aeda639b70c93503cd0925f2b9c1234fc1464f17478d97eb84ec724
    • SSDEEP: 49152:ZQGYcVhpnz0dX9ra5tz+Len/Bg4hnxYLCXX6yR3MLR:ZQGYkpnz099W5tmen/RJZRER
    • Stealc: Stealc is an infostealer written in C++.
    • Suspicious use of NtSetInformationThreadHideFromDebugger
