General

  • Target

    1048-55-0x0000000002210000-0x000000000224C000-memory.dmp

  • Size

    240KB

  • Sample

    221102-s2jxxahhg2

  • MD5

    040f647800dd7822a67dbf1a24d0aa61

  • SHA1

    232d77eb12a7a5ab8150cb1448d96e578a47389d

  • SHA256

    3b6b64daf8639dd1deaefeba76e2f1ac88507f8c239ac361ba743125e9994cd5

  • SHA512

    7c5460fa2e87d5747cf9120819dd6b230c34ab0c1db6a86ae4d2d901294bc5619f52e178a3b1f0f7e007fa13527800e56bac63d69b11e3d6656b9c3c4f4bbdb8

  • SSDEEP

    3072:hjqrLWeRQzE+R/17rFjVq5us+nIpOOgAsmZw/YKFHiqoeboe/SR1bthqTOSPwOHX:hjqrIEspVa5bpOvmIufthIPwO

Malware Config

Extracted

Family

redline

Botnet

mytestself

C2

38.22.104.75:9977

Attributes
  • auth_value

    b22078b69f45f5d9d12597cfcefc3b95

Targets

    • Target

      1048-55-0x0000000002210000-0x000000000224C000-memory.dmp

    • Size

      240KB

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
