General

  • Target

    Fortnite New Hack.rar

  • Size

    6.5MB

  • Sample

    221002-yjwrmshgfj

  • MD5

    d979fe3d4fd5a049e9eef15f005a2063

  • SHA1

    897dc9d76bdb05b54cfd91f098961dbf2ce70b11

  • SHA256

    58afb1dd8ae1ed37ebc9c28a752640b3494451cba42ae58e7725554809f6bfaf

  • SHA512

    16c440529b303fa95e79829e62c0f5262610dbbf9229f91538651996dafb70e832fbb9a0e6fbaec51b88815bb3ce4ea748f2d6d2fcaec2a9a55377756e15b826

  • SSDEEP

    196608:54DJ5v2BK3pawJ2PHMTlVJ8kJR7zac69M:J9HMhv8kJR7zadM

Malware Config

Extracted

Family

redline

C2

79.137.192.47:46759

Attributes

  • auth_value

    67c54899f07d261b61aeef71b1ae3f6c

Targets

    • Target

      Fortnite Hack/Run.exe

    • Size

      2.6MB

    • MD5

      9b84fd60b5f757255d2aa8207a6c2948

    • SHA1

      66a060d8a51aab38b40e7ed173414c29097e9665

    • SHA256

      721b2b68367c044a4bab9bc0e67fe7d234011c5fd78624084dd7005934362696

    • SHA512

      3d00275cf479150b6ef6bc2e1f81c4a6e26e9169362991d81ca126fd67593664d7c02c624391f1f6b91acc7f1452946be4d098c79ae80395f24d3b27b97aa936

    • SSDEEP

      24576:6qvjTagmD2N1apOYpYkAK4BfAM8odd4JulXFoXAVzbrbjL4KGKl3RuQ553134:6WpmD2N1a9vgBVzbrbjMK9l32

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks