General

  • Target

    Release.rar

  • Size

    91.2MB

  • Sample

    250125-rplqasxrar

  • MD5

    1a013acdfa60741ac44386b0bcaded3f

  • SHA1

    da9b948a64315f7730cc2fca5248e1f982a48132

  • SHA256

    0295ff6ecf568fb2e5daa5c22d9c9688899924bd3b83c269c313156c688cfd34

  • SHA512

    5c3b03026dc5b65c2dd8d2113faa47c4d07eaa0e129c95428e3350292c145a70a7bc7516c7d974bd8f6029d6abb24726b7dcfd00b3473742e9a570d582b7b54d

  • SSDEEP

    1572864:egtYVjFsVc1FHDAiqrl+xHm5/ZAcYQgWb9Tgv755TrPWp7hv9aJt/3:ecYRkczCTRFY0MD6RiJt/

Targets

    • Target

      Release/Destiny Stealer.exe

    • Size

      92.1MB

    • MD5

      8474d0b303ba15323cbfb786c7183a64

    • SHA1

      05513c9cb44d2886092192b74667beb81c16e928

    • SHA256

      4703e12dd8f843c87568e547a53ce11f895c63ea5966e320c3c4ae0e893a53c1

    • SHA512

      d3e5d2679db73abd3289bccaa9a2e805a7c6b72f5ec723c6532ac201f795fd4b456e7fced9892f9ff89235f41ecc417973eb2a31dc23d4e78ddd70f8215822e4

    • SSDEEP

      1572864:wgihGf71kr5fuvnZ9q2l+zPDPi6YMaNyQrbNJX0UyFMEO2NkNXFhxwCwM:wgihGBkr5fuvnZ9q2l+z7Pi/MP0f2ZOS

    • Score

      3/10

    • Target

      Release/Stub/DestinyClient.exe

    • Size

      561KB

    • MD5

      8479d275176a42d08d06971b2a52c29a

    • SHA1

      bcdbbbba81db4b28671e6260dde16497794f6753

    • SHA256

      8de9d7149d38b1f0d24e0c7b32cc8951082109681fe034f9eaa0736bbba83436

    • SHA512

      ca9de88c03a9780bc28867b1afb3b87b6fc1b12c34ed01bc5e69566cd8d1b9f2632ea7e307cdfd582116cbbefd7ec38b9efc4463a655fcd9891ff74385b72776

    • SSDEEP

      6144:MV2YyAgcu3L3mW6f/98yQL7cBWMRxRSqG+H5vPE02U0cgmhv2AkJQLoYVC2bLChb:e2YyAh2cBWmpl76Oir

    • StormKitty

      StormKitty is an open source info stealer written in C#.

    • StormKitty payload

    • Stormkitty family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
