General

  • Target

    file.exe

  • Size

    433KB

  • Sample

    230106-v39wtshc83

  • MD5

    5068d34d0dff26e2725ee7818d2c715d

  • SHA1

    9eed22f6414aa83dea47ff75dd131569d0f37d09

  • SHA256

    30c78cd350e0d08cd0199f2705b08cc6eccd0ee4ca21d4b0c58d70e956ab33be

  • SHA512

    da20c44e30e548ba616751f3459191ec47191b030475ed210349c717fc8daca881d29f1d2acf66ad12ab75434a74ef17cde182cec4468e3a2369c9f2f351ce5b

  • SSDEEP

    12288:4rrNTf2siEeORoiqXxpgVWso0j9f+nBQzS:4Hdf2JEegVqXHgVWz0t+nGzS

Malware Config

Extracted

Family

redline

Botnet

@new@2023

C2

77.73.133.62:22344

Attributes

  • auth_value

    8284279aedaed026a9b7cb9c1c0be4e4

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data such as saved logins, cookies and autofill entries, which can be decrypted and used for account takeover.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Enumerates the Uninstall keys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and the WOW6432Node equivalent) to list the software installed on the system; stealers report this inventory alongside the harvested data.
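The extracted configuration and hashes above are the report's actionable output. The following is an added example written for this page (it is not code from tria.ge or from the sample) that turns them into a hunt: it flags connections to the C2 endpoint in Zeek-style conn.log records, matches a file inventory against the sample's SHA256, recomputes the four digests the report lists for a local file, and renders a Suricata rule for the C2. The conn.log records, the file inventory and the Suricata sid are constructed for illustration; the C2 host, port and hashes are the report's values.

```python
"""Hunt for this report's IOCs in constructed host and network data.

Added example for this page; it is not code from tria.ge or from the
RedLine sample. The C2 endpoint and file hashes are copied from the report
above; the conn.log records, the file inventory and the Suricata sid are
constructed for illustration and are assumptions of this example.
"""
import hashlib

# IOCs from the report: C2 endpoint and the sample's hashes.
C2_HOST = "77.73.133.62"
C2_PORT = 22344
SAMPLE_SHA256 = "30c78cd350e0d08cd0199f2705b08cc6eccd0ee4ca21d4b0c58d70e956ab33be"
SAMPLE_ID = "230106-v39wtshc83"

# Constructed Zeek-style conn.log records (not real traffic). Columns:
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
CONN_LOG = """\
1672999000.1\tCabc1\t10.0.0.5\t49712\t77.73.133.62\t22344\ttcp
1672999001.2\tCabc2\t10.0.0.5\t49713\t142.250.74.78\t443\ttcp
1672999002.3\tCabc3\t10.0.0.9\t51000\t77.73.133.62\t443\ttcp
1672999003.4\tCabc4\t10.0.0.7\t51001\t77.73.133.62\t22344\ttcp
"""

# Constructed file inventory (path -> SHA256), as a host agent might report it.
FILE_INVENTORY = {
    r"C:\Users\victim\Downloads\file.exe": SAMPLE_SHA256,
    r"C:\Windows\System32\notepad.exe": "00" * 32,
}


def find_c2_connections(log_text, host=C2_HOST, port=C2_PORT):
    """Return connections to the C2 host.

    A host+port match is rated "high"; a match on the IP alone is rated
    "medium", because the port is part of the per-build configuration and
    the same IP may host other infrastructure.
    """
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        uid, orig_h, resp_h, resp_p = fields[1], fields[2], fields[4], fields[5]
        if resp_h != host:
            continue
        confidence = "high" if int(resp_p) == port else "medium"
        hits.append({"uid": uid, "src": orig_h, "dst_port": int(resp_p),
                     "confidence": confidence})
    return hits


def find_known_samples(inventory, known=(SAMPLE_SHA256,)):
    """Return paths whose SHA256 matches a known sample hash (case-insensitive)."""
    wanted = {h.lower() for h in known}
    return sorted(path for path, digest in inventory.items()
                  if digest.lower() in wanted)


def hash_bytes(data):
    """Compute the same four digests the report lists, so a local file can be
    compared against it, e.g. hash_bytes(open(path, "rb").read())."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def suricata_rule(host=C2_HOST, port=C2_PORT, sid=1000001):
    """Render a Suricata rule for the C2 endpoint. sid 1000001 is an assumed
    value from the local-rules range; pick one that is free in your ruleset."""
    return (f'alert tcp $HOME_NET any -> {host} {port} '
            f'(msg:"RedLine C2 (tria.ge sample {SAMPLE_ID})"; '
            f'flow:to_server; sid:{sid}; rev:1;)')


if __name__ == "__main__":
    for hit in find_c2_connections(CONN_LOG):
        print(hit)
    print(find_known_samples(FILE_INVENTORY))
    print(suricata_rule())
```

On the constructed log, two records match host and port and one matches the IP only; the medium-confidence hit is worth keeping, since the port is chosen per build and the operator may have more than one build pointed at the same server.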

MITRE ATT&CK Enterprise v6

Tasks