General

  • Target

    cb7f34a1115ecb5270633a5c6103bbbecf2396a086779b3cc11981545a92d838

  • Size

    408KB

  • Sample

    221231-zvvjdsae83

  • MD5

    12f458ecf6e29b542b64868e20317d52

  • SHA1

    5dea4e9e662f25c360f6cea00223987d08e3971a

  • SHA256

    cb7f34a1115ecb5270633a5c6103bbbecf2396a086779b3cc11981545a92d838

  • SHA512

    da5ee76710ceef9f681cf5334940e55d1461755177033224977a02c6aff1914d86a1153251dff5a03175266103b3e574537e19323c7184bc457b2d331c3c37df

  • SSDEEP

    6144:ErzL30ujcE6i/y0RI98/P3sZiIbf164Za9Eu9AvvUHqv3bPZY:Erz70ujcKv69s/giIbfcf9KA

Malware Config

Extracted

Family

redline

Botnet

@new@2023

C2

77.73.133.62:22344

Attributes

  • auth_value

    8284279aedaed026a9b7cb9c1c0be4e4

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
