General

Target: Release.rar
Size: 91.2MB
Sample: 250125-rplqasxrar
MD5: 1a013acdfa60741ac44386b0bcaded3f
SHA1: da9b948a64315f7730cc2fca5248e1f982a48132
SHA256: 0295ff6ecf568fb2e5daa5c22d9c9688899924bd3b83c269c313156c688cfd34
SHA512: 5c3b03026dc5b65c2dd8d2113faa47c4d07eaa0e129c95428e3350292c145a70a7bc7516c7d974bd8f6029d6abb24726b7dcfd00b3473742e9a570d582b7b54d
SSDEEP: 1572864:egtYVjFsVc1FHDAiqrl+xHm5/ZAcYQgWb9Tgv755TrPWp7hv9aJt/3:ecYRkczCTRFY0MD6RiJt/

Behavioral task: behavioral1
Sample: Release/Destiny Stealer.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: Release/Destiny Stealer.exe
Resource: win10v2004-20241007-en

Behavioral task: behavioral3
Sample: Release/Stub/DestinyClient.exe
Resource: win7-20240903-en

Behavioral task: behavioral4
Sample: Release/Stub/DestinyClient.exe
Resource: win10v2004-20241007-en
Malware Config
Targets

Target: Release/Destiny Stealer.exe
Size: 92.1MB
MD5: 8474d0b303ba15323cbfb786c7183a64
SHA1: 05513c9cb44d2886092192b74667beb81c16e928
SHA256: 4703e12dd8f843c87568e547a53ce11f895c63ea5966e320c3c4ae0e893a53c1
SHA512: d3e5d2679db73abd3289bccaa9a2e805a7c6b72f5ec723c6532ac201f795fd4b456e7fced9892f9ff89235f41ecc417973eb2a31dc23d4e78ddd70f8215822e4
SSDEEP: 1572864:wgihGf71kr5fuvnZ9q2l+zPDPi6YMaNyQrbNJX0UyFMEO2NkNXFhxwCwM:wgihGBkr5fuvnZ9q2l+z7Pi/MP0f2ZOS
Score: 3/10

Target: Release/Stub/DestinyClient.exe
Size: 561KB
MD5: 8479d275176a42d08d06971b2a52c29a
SHA1: bcdbbbba81db4b28671e6260dde16497794f6753
SHA256: 8de9d7149d38b1f0d24e0c7b32cc8951082109681fe034f9eaa0736bbba83436
SHA512: ca9de88c03a9780bc28867b1afb3b87b6fc1b12c34ed01bc5e69566cd8d1b9f2632ea7e307cdfd582116cbbefd7ec38b9efc4463a655fcd9891ff74385b72776
SSDEEP: 6144:MV2YyAgcu3L3mW6f/98yQL7cBWMRxRSqG+H5vPE02U0cgmhv2AkJQLoYVC2bLChb:e2YyAh2cBWmpl76Oir
StormKitty payload
Stormkitty family
Accesses Microsoft Outlook profiles
Looks up external IP address via web service
    Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1