General

  • Target

    19966b573d5fa3317b872b95735f9dfc9c6f473b09283747ccde632db0918fe8.exe

  • Size

    22.9MB

  • Sample

    240811-bf2r6axeql

  • MD5

    e5570649471b03733af5167be3725b6a

  • SHA1

    65c5e07b2a7c06128ba519124b0a474dcd47c640

  • SHA256

    19966b573d5fa3317b872b95735f9dfc9c6f473b09283747ccde632db0918fe8

  • SHA512

    98b6e308b8d978768a20bcfee6431f2b70678d9beaf4b59de0afc6a5687801d70a6a0798a8b6f4351c395535eb4ca14f5d177b30bba79471f9d6cd153cbb6e9b

  • SSDEEP

    98304:8Ee4Iop/Klq6b3coYQUjTPNzO+EbTBVcPAR5Eaf2rVLywF1l05:tKlq6bHFUfPxZJPSae29N1l0

Malware Config

Extracted

Family

stealc

Botnet

cr1

C2

http://45.152.114.50

Attributes

  • url_path

    /587ec30955d49a9c.php

Targets

    • Stealc

      Stealc is an infostealer written in C++.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks