General

  • Target

    StealerSS.exe

  • Size

    1.0MB

  • Sample

    250301-aryn7svjw9

  • MD5

    bdad088bc08af6ba5fcd5fb7e6955e68

  • SHA1

    f6d233b34a0a9be3a58b0cc60f9ba36c2a44158b

  • SHA256

    c82f559937fdd6cafdb5e32217ee6fb571c165759397c507cc8af248b337edb6

  • SHA512

    c539ecc5a16d0a08858bf79eb1ea8d1b7fcf2b6e9eb1c8fea545d2cc9bdea8676a9690dbffffaf82d6d95649590bff8a67c49ed81920ea8a68b177fe9f9fd9ac

  • SSDEEP

    24576:0NRHGhhUF54clNf7+6uHAW92zt/sWu2BSMCqD8kUJ:0Nqo54clgLH+tkWJ0ZzJ

Targets

    • Detects Echelon Stealer payload

    • Echelon

      Echelon is a .NET stealer that targets passwords from browsers, email and cryptocurrency clients.

    • Echelon family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
