Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2676-3-0x0...ry.exe

windows7-x64

2676-3-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2676-3-0x00000000013B0000-0x00000000018A5000-memory.dmp

  • Size

    5.0MB

  • MD5

    f79cd0b86782464ac03b2b1b00163a36

  • SHA1

    7741f6a15b8fb1fc308f8ba1a7fe3d473aad3da5

  • SHA256

    63816ab4c653d6d4295d3805581d8a66f34e17348b7628c6d39d6db18a3108e2

  • SHA512

    e8f27f7a01b7944251906d61cad4d375d24eb99812888712ffad420759eb84bf155827778e0e6b7e913cecbd0f470bcb8967d69405f66a1e33a0a898f69c27e8

  • SSDEEP

    49152:RPX5ngODnd1KpLmIfU8MJZVecZQcHSZYXGBCzT:xX5gQnd1KpLmMPMJZnQcHCYXGozT

Score
10/10
stokstealc

Malware Config

Extracted

Family

stealc

Botnet

stok

C2

http://185.215.113.206

Attributes
  • url_path

    /c4becf79229cb002.php

Signatures

  • Stealc family
    stealc
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2676-3-0x00000000013B0000-0x00000000018A5000-memory.dmp
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections