Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c88dc765a7...18.exe

windows7-x64

10

c88dc765a7...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c88dc765a7c177418c78681e6c997ff4_JaffaCakes118

  • Size

    2.3MB

  • Sample

    241205-t22ndssmh1

  • MD5

    c88dc765a7c177418c78681e6c997ff4

  • SHA1

    a1c6b7a24474ffd02ac9a3d515ffb9c1a255259e

  • SHA256

    a815984315b712dc2067fcf34bc1ba95b9badebb78e20afb7fb3068bcdf1dbb7

  • SHA512

    7680712c56b8fda096d8115d82dad75f44723f2b9298820a3d4b08276502584ac2f83d3930a27ed7ecad47f2774f4296870d9cf4bf10eafa15ae0d146451ebe1

  • SSDEEP

    49152:4fSA5sZBZ2bLAqFEBjlqDnlhPYEwXYP5Rw3t8BxDemj2KgH:+16kRFEBjlanMGR6twpekg

Score
10/10
stealthworkerbotnetdiscoveryupx

Malware Config

Extracted

Family

stealthworker

Version

3.11

C2

http://176.121.14.113:8888

Targets

    • Target

      c88dc765a7c177418c78681e6c997ff4_JaffaCakes118

    • Size

      2.3MB

    • MD5

      c88dc765a7c177418c78681e6c997ff4

    • SHA1

      a1c6b7a24474ffd02ac9a3d515ffb9c1a255259e

    • SHA256

      a815984315b712dc2067fcf34bc1ba95b9badebb78e20afb7fb3068bcdf1dbb7

    • SHA512

      7680712c56b8fda096d8115d82dad75f44723f2b9298820a3d4b08276502584ac2f83d3930a27ed7ecad47f2774f4296870d9cf4bf10eafa15ae0d146451ebe1

    • SSDEEP

      49152:4fSA5sZBZ2bLAqFEBjlqDnlhPYEwXYP5Rw3t8BxDemj2KgH:+16kRFEBjlanMGR6twpekg

    Score
    10/10
    stealthworkerbotnetdiscoveryupx

    • StealthWorker

      StealthWorker is golang-based brute force malware.

      botnetstealthworker

    • Stealthworker family

      stealthworker

    • Drops startup file

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks