General

  • Target

    1d8c4a07e0a84363f81091a8924bd38f01123ddd14bd2093e4836d074a88df72N

  • Size

    502KB

  • Sample

    241009-vv6t7szdkp

  • MD5

    ddebfb0162635fe5e37a7c879abc8b20

  • SHA1

    d92157d0db775fd1c34480c4879fbc0aab366186

  • SHA256

    1d8c4a07e0a84363f81091a8924bd38f01123ddd14bd2093e4836d074a88df72

  • SHA512

    37f664545939f59b829ff45e61e59a594c9f523645a057149263fd6108c3dba44d7d3b1e61fd3f5d02c1408983e1d51d2247fda0be1fe4a22c4bc3c341c98c51

  • SSDEEP

    12288:8KuDhKFCHlqPEfZRRvU8rZzpLdVRkURZHUNecrKp:8KgKFmkwNrZvVRkm0hw

Malware Config

Extracted

  • Family

    stealc

  • Botnet

    default5_doz

  • C2

    http://62.204.41.159

  • Attributes

    url_path: /edd20096ecef326d.php
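The extracted config above gives two network indicators (the C2 host and the gateway path) and the General section gives three file hashes. As an added example, not part of the tria.ge report, the script below bundles those indicators and runs them over constructed input: it checks a byte string against the report's hashes and scans a few made-up proxy log lines (the `timestamp src method url status` layout is an assumption for the example, not a real product format) for requests to the C2. It deliberately reports host-only and path-only matches separately, because a Stealc gateway path such as /edd20096ecef326d.php often outlives the IP it was first seen on, so a path hit on a different host is still worth a look.

```python
import hashlib
import re
from typing import Optional
from urllib.parse import urlsplit

# Indicators copied from the tria.ge report for sample 241009-vv6t7szdkp.
STEALC_IOCS = {
    "md5": "ddebfb0162635fe5e37a7c879abc8b20",
    "sha1": "d92157d0db775fd1c34480c4879fbc0aab366186",
    "sha256": "1d8c4a07e0a84363f81091a8924bd38f01123ddd14bd2093e4836d074a88df72",
    "c2_host": "62.204.41.159",
    "url_path": "/edd20096ecef326d.php",
}


def hash_bytes(data: bytes) -> dict:
    """Return the md5/sha1/sha256 hex digests of a byte string."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_sample_hash(data: bytes, iocs: dict = STEALC_IOCS) -> bool:
    """True if any digest of `data` equals the corresponding report hash."""
    digests = hash_bytes(data)
    return any(digests[alg] == iocs[alg] for alg in ("md5", "sha1", "sha256"))


# Assumed log layout for this example: "<timestamp> <src-ip> <METHOD> <url> <status>".
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)


def match_c2_request(line: str, iocs: dict = STEALC_IOCS) -> Optional[dict]:
    """Return a hit record if the request touches the C2 host and/or the gateway path.

    reason is one of: "c2_host+url_path" (strong), "c2_host" (host only),
    "url_path" (same gateway path on a different host). None means no match.
    """
    m = LOG_LINE.match(line.strip())
    if not m:
        return None
    parts = urlsplit(m["url"])
    host_hit = (parts.hostname or "") == iocs["c2_host"]
    path_hit = parts.path == iocs["url_path"]
    if not (host_hit or path_hit):
        return None
    reason = "+".join(
        name for name, hit in (("c2_host", host_hit), ("url_path", path_hit)) if hit
    )
    return {"ts": m["ts"], "src": m["src"], "method": m["method"],
            "url": m["url"], "reason": reason}


def scan_log(lines, iocs: dict = STEALC_IOCS) -> list:
    """Run match_c2_request over an iterable of log lines, keeping only hits."""
    return [hit for hit in (match_c2_request(line, iocs) for line in lines) if hit]


# Constructed sample log for the example; the addresses and times are made up
# apart from the C2 host and gateway path taken from the report.
SAMPLE_LOG = """\
2024-10-09T14:02:11Z 10.0.0.15 GET http://example.com/index.html 200
2024-10-09T14:02:13Z 10.0.0.15 POST http://62.204.41.159/edd20096ecef326d.php 200
2024-10-09T14:02:14Z 10.0.0.22 GET http://62.204.41.159/ 404
2024-10-09T14:02:15Z 10.0.0.15 GET http://62.204.41.160/edd20096ecef326d.php 200
"""

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG.splitlines()):
        print(f"{hit['ts']} {hit['src']} {hit['method']} {hit['url']} [{hit['reason']}]")
    print("hash match on b'hello':", matches_sample_hash(b"hello"))
```

Running it flags the POST to the gateway (host and path), the bare request to the C2 host, and the same gateway path on a neighbouring address, in that order, while the example.com request passes. To use it on real data, replace `SAMPLE_LOG` with your proxy export and adjust `LOG_LINE` to that product's layout.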

Targets

    • Target

      1d8c4a07e0a84363f81091a8924bd38f01123ddd14bd2093e4836d074a88df72N

    • Size

      502KB

    • MD5

      ddebfb0162635fe5e37a7c879abc8b20

    • SHA1

      d92157d0db775fd1c34480c4879fbc0aab366186

    • SHA256

      1d8c4a07e0a84363f81091a8924bd38f01123ddd14bd2093e4836d074a88df72

    • SHA512

      37f664545939f59b829ff45e61e59a594c9f523645a057149263fd6108c3dba44d7d3b1e61fd3f5d02c1408983e1d51d2247fda0be1fe4a22c4bc3c341c98c51

    • SSDEEP

      12288:8KuDhKFCHlqPEfZRRvU8rZzpLdVRkURZHUNecrKp:8KgKFmkwNrZvVRkm0hw

    • Stealc

      Stealc is an infostealer written in C++.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state, including its instruction pointer. Outside a debugger it is most often seen when a loader writes a payload into a suspended process and then points that process's thread at it (process hollowing or injection), so this is a generic process-injection indicator rather than a Stealc-specific one.

MITRE ATT&CK Enterprise v15

Tasks