General

  • Target

    file.exe

  • Size

    1.5MB

  • Sample

    221105-b2dbpaefcq

  • MD5

    5c6e4ed3fb61cdb5fdd29e52c9554241

  • SHA1

    a56ffc9d7886e4af33b18162a5727ef8aae0d263

  • SHA256

    2b83cdcd64c67d5120f8437964da866b0c0a9456eb45471bbe35242d3c858a0a

  • SHA512

    22ee4225205d0391dfe39583a91aa23b92d9483a605b14fa1f443e3cbe9b8c5c256fa2383a29cbb00310c532911cf8ae8c63a956c15adab8ccb80f8282d161d9

  • SSDEEP

    24576:6s1I0OssTBP8sp1++vGYfSFyMtV3ROHuR0Bess9bIywffOxvwCs9jwkY4G:rOsgNFnvZfSAMTdqrs9jJSfkr4G

Malware Config

Extracted

Family

redline

Botnet

1310

C2

79.137.192.57:48771

Attributes

  • auth_value

    feb5f5c29913f32658637e553762a40e

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks