Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    2.7MB

  • Sample

    220917-vdy32aeaek

  • MD5

    4ff32e92875725467e00cf7bd47c68a6

  • SHA1

    d9e7255c16c0998e8ec6b252ba5ba8e864c1a825

  • SHA256

    3a4cee5345c6bf5263a774e11e98dbd6d2cc24309d1f1f49839daa0211b91ce1

  • SHA512

    1bf22dd0b44364897fd2a6bf72cbf7b8494ebac49612f78f2016c66f4f198a15e4e0523f7269c21b03a34dabb40b7c1b4d32f7a28d88a2a6b3465c4904aecaac

  • SSDEEP

    24576:V35k2KksqbO/l89pN96Y5Y8D24rujMlHd1h1MiDMWaG4hsD+Qcz5jLkrh5Jl3Rud:B5k2KksOO+9pNEKARhE+Qcz5jql3w

Score
10/10
redline@forceddd_lztinfostealerspyware

Malware Config

Extracted

Family

redline

Botnet

@forceddd_lzt

C2

5.182.36.101:31305

Attributes
  • auth_value

    91ffc3d776bc56b5c410d1adf5648512

Targets

    • Target

      file.exe

    • Size

      2.7MB

    • MD5

      4ff32e92875725467e00cf7bd47c68a6

    • SHA1

      d9e7255c16c0998e8ec6b252ba5ba8e864c1a825

    • SHA256

      3a4cee5345c6bf5263a774e11e98dbd6d2cc24309d1f1f49839daa0211b91ce1

    • SHA512

      1bf22dd0b44364897fd2a6bf72cbf7b8494ebac49612f78f2016c66f4f198a15e4e0523f7269c21b03a34dabb40b7c1b4d32f7a28d88a2a6b3465c4904aecaac

    • SSDEEP

      24576:V35k2KksqbO/l89pN96Y5Y8D24rujMlHd1h1MiDMWaG4hsD+Qcz5jLkrh5Jl3Rud:B5k2KksOO+9pNEKARhE+Qcz5jql3w

    Score
    10/10
    redline@forceddd_lztinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks