General

  • Target: 03a367b2aa8bff681b84158253ac822380375aa2f6f111dcee733824d831d995
  • Size: 482KB
  • Sample: 241006-brplzatape
  • MD5: 2e9a4b3dd240a4cb4ba474482e2e38d2
  • SHA1: 10e168ae5f19b1239eb7cdcd94578a0509715f74
  • SHA256: 03a367b2aa8bff681b84158253ac822380375aa2f6f111dcee733824d831d995
  • SHA512: 3ee4adfc903a449522f07a9a56c112e81c30f2f48f5daf5a90a08589bb8ed3136589413009c9dac2c2b4b5e8d163eaab165d8b9094caca79add706918d5650d8
  • SSDEEP: 12288:H81zxK08+/8tWrf5LziYoWwfn7mlL4aMIzIKW78mPNEO:Es+ky5Lzng7ml0apzIK54Nt

Malware Config

Extracted

  • Family: stealc
  • Botnet: default5_doz
  • C2: http://62.204.41.159
  • Attributes
    • url_path: /edd20096ecef326d.php

Targets

  • Target: 03a367b2aa8bff681b84158253ac822380375aa2f6f111dcee733824d831d995 (482KB; hashes as listed under General)

  • Stealc

    Stealc is an infostealer written in C++.

  • Suspicious use of SetThreadContext
