
General

  • Target

    dbbeaa246c94b8d2d410fb10e8de58bf34210c4c2102a5f77613c67153cc841e

  • Size

    2.4MB

  • Sample

    220911-hpa45abbd7

  • MD5

    c428ce3d43a1fdbadd8eacc8b72b42e5

  • SHA1

    bfe74fa0bfeff3ee9f0211f050f77f12bbc7bbb1

  • SHA256

    dbbeaa246c94b8d2d410fb10e8de58bf34210c4c2102a5f77613c67153cc841e

  • SHA512

    e3b2a9eb7372bdc218d4ea9b717ec228bd08b8c83df67d851beb830ff993e5a01dd04a689d14a4b07fd7b1edc828cce7c70dfa92fa08051cbb3986d17aa337b2

  • SSDEEP

    24576:lWaIgjWkZAY/Y1MWbB91Mr8l0rimDc50RV38lodVEFianILaDNl3RuQ553139:IkAzCPnVEFianIKl3X

Score
10/10

Malware Config

Extracted

Family

redline

C2

152.89.219.248:19932

Attributes
  • auth_value

    243d546aabe04bf57a8c783938af0d9b

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
