Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    file.exe

  • Size

    205KB

  • Sample

    240909-w67fjsvfjd

  • MD5

    1a3ac0bc9af8e3b8cc72caaf6ba88b9f

  • SHA1

    885872fa24d22d8b9c118174ed3d7b7419e58fe0

  • SHA256

    ab6d864f42680ad444f9a445d3e403cfd1a6355985db933611ec4cb7607b76bf

  • SHA512

    a59b1c0530fb8fd2881d605b8513107df79a844d52a754b901b0a027fb197a20ce42ce342155b635f383e4aae52de255355213b14fb479dbf2d533e355af4426

  • SSDEEP

    6144:9gPmLyZ30IcCX4PWNlclz7o+pNb6CPSUbv+/QTEO:9gPmLK33X52voGNS2+YTEO

Malware Config

Extracted

Family

stealc

Botnet

default

C2

http://45.152.113.10

Attributes
  • url_path

    /92335b4816f77e90.php

Targets

    • Target

      file.exe

    • Size

      205KB

    • MD5

      1a3ac0bc9af8e3b8cc72caaf6ba88b9f

    • SHA1

      885872fa24d22d8b9c118174ed3d7b7419e58fe0

    • SHA256

      ab6d864f42680ad444f9a445d3e403cfd1a6355985db933611ec4cb7607b76bf

    • SHA512

      a59b1c0530fb8fd2881d605b8513107df79a844d52a754b901b0a027fb197a20ce42ce342155b635f383e4aae52de255355213b14fb479dbf2d533e355af4426

    • SSDEEP

      6144:9gPmLyZ30IcCX4PWNlclz7o+pNb6CPSUbv+/QTEO:9gPmLK33X52voGNS2+YTEO

    • Stealc

      Stealc is an infostealer written in C++.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks