General

  • Target

    8b402bb02ec8211eb98b09beb60ea62db552c98ecc5919337dbace8af8bc0f57

  • Size

    7.9MB

  • Sample

    250321-mznv7awybx

  • MD5

    8fe2cd7a376066e25c7127d9e603f281

  • SHA1

    c74dc6a211dd14498c5c4081149e2feacca913dd

  • SHA256

    8b402bb02ec8211eb98b09beb60ea62db552c98ecc5919337dbace8af8bc0f57

  • SHA512

    5d81b6fbfb6b96bbbcfe713726216442accb259fb24877d69cefd395462d4fd77834a8ea4d9b189d553c77211cf10b06e3f2b1ae6fcdd87a06e9542a595a1c7b

  • SSDEEP

    196608:kVgEEeRmAuGYy4I/VJastB90YKjFpkTKtbbEyIHV6CS2:OgEE+uxI/Vtf0Y+kTKt0yI1nS2

Score
10/10

Malware Config

Extracted

Family

stealerium

C2

https://api.telegram.org/bot7756107542:AAEhuCgRX-ckFVwps3xqgrtyb3JVRKo9Tog/sendMessage?chat_id=
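The extracted C2 is a Telegram Bot API endpoint: the path carries the bot token (numeric bot ID, a colon, then the secret) and the `chat_id` query parameter is empty in the extracted config, so the sample fills it in at runtime. The token is the high-fidelity indicator, since `api.telegram.org` alone is too common to alert on. The following is an added example, not code from the page or from the Stealerium project: it parses the extracted URL into its parts and then looks for that token in constructed proxy log lines. The token regex (secret of 30 or more URL-safe characters, 35 in this sample) is an assumption about the token format, and the log lines are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Telegram bot token: numeric bot ID, a colon, then the secret.
# The secret length (35 characters here) is an observed convention, not a
# documented guarantee, so the pattern accepts 30 or more (assumption).
TOKEN_RE = re.compile(r"^(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]{30,})$")

# The C2 string exactly as extracted on this page.
C2_URL = ("https://api.telegram.org/bot7756107542:AAEhuCgRX-ckFVwps3xqgrtyb3JVRKo9Tog"
          "/sendMessage?chat_id=")


def parse_telegram_c2(url):
    """Split a Telegram Bot API URL into bot ID, token, method and chat_id.

    Returns None when the URL is not a Bot API call, so callers can run this
    over any extracted-config URL without special-casing."""
    u = urlsplit(url)
    if u.scheme != "https" or u.hostname != "api.telegram.org":
        return None
    parts = u.path.strip("/").split("/")
    if len(parts) != 2 or not parts[0].startswith("bot"):
        return None
    m = TOKEN_RE.match(parts[0][3:])
    if not m:
        return None
    # keep_blank_values keeps the empty chat_id= that this config carries.
    qs = parse_qs(u.query, keep_blank_values=True)
    return {
        "bot_id": m.group("bot_id"),
        "token": m.group(0),
        "method": parts[1],
        "chat_id": qs.get("chat_id", [""])[0],
    }


# Constructed proxy log lines (not from the page): method, host, path.
# Line 3 reuses the token with a different method; line 4 is a different bot.
PROXY_LOG = """\
POST api.telegram.org /bot7756107542:AAEhuCgRX-ckFVwps3xqgrtyb3JVRKo9Tog/sendMessage
GET  www.microsoft.com /
POST api.telegram.org /bot7756107542:AAEhuCgRX-ckFVwps3xqgrtyb3JVRKo9Tog/sendDocument
POST api.telegram.org /bot123456789:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sendMessage
"""


def find_c2_hits(log_text, c2):
    """Return (method, api_method) for every log line that uses the C2 token.

    Matching on the token rather than the host catches any Bot API method
    (sendMessage, sendDocument, ...) without alerting on unrelated bots."""
    hits = []
    prefix = "/bot" + c2["token"] + "/"
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue
        method, host, path = fields
        if host == "api.telegram.org" and path.startswith(prefix):
            hits.append((method, path[len(prefix):]))
    return hits


if __name__ == "__main__":
    c2 = parse_telegram_c2(C2_URL)
    print(c2)
    for hit in find_c2_hits(PROXY_LOG, c2):
        print("C2 hit:", hit)
```

Because the Bot API is served over TLS, the path is only visible where traffic is decrypted (a forward proxy doing TLS inspection, or the sandbox's own capture); on an undecrypted network feed, the bot ID cannot be recovered and the best available signal is the volume of POSTs to `api.telegram.org` from a non-browser process.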

Targets

    • Target

      Listado Facturas.exe

    • Size

      7.9MB

    • MD5

      e44441da8f8b45b56e6b46ab5ddf4736

    • SHA1

      d8b09914d7e463e72ddc13206b86c3d90aa993c2

    • SHA256

      10fb218b942d8e1e9e070b82f01ce72128a19e97158003b53686b4d7a03a8aa8

    • SHA512

      84f5c7299e954d773ac2c65c3849dbf2bb4a4fefc395a8afc6cb30ee236d9d37d5cfb5caefdb7a906ea5a8a11884fb0c64483f2c454ac00232d79701676cfa20

    • SSDEEP

      196608:8R1r9MalxTjLcUeLs8fk4kgQeo49tAQxVEkWxATVmVg5NsED5lO4:sria3TjYs8M4kPeo4fAHxsVSgw85

    Score
    10/10
    • Stealerium

      An open-source info stealer written in C#, first seen in May 2022.

    • Stealerium family

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks