General

  • Target

    4063b7b2eb149acac69917f91cd0c902.bin

  • Size

    284KB

  • Sample

    230131-je3l3ahb5z

  • MD5

    5b3562b0af20e433c850c554fb7e03f6

  • SHA1

    d09f21dcdfb784da0478096d951df5bc7a5fb81b

  • SHA256

    0ea9d65c5a53669114d987edae7849e014933e58b1bae1f8c44f60268b965ae5

  • SHA512

    35cf63895459d8c878a052b03c4b9d1e94e100be7f89b0359919fd51692bb63db78f97d0cf16536e3d37df819195755cd6cbdd29e86b353986dc9d7d578b294c

  • SSDEEP

    6144:AZgOSVEyvEdOH+Yw+J6wH5bsZP4DVovsH7bKxfxht664Ps3:C2qdOeOJ5w4b6fbUPs3

Targets

    • Target

      0b5dc252f59e4602c815289edc7f9c6ed6aefa677a58ddadaeeec4f133a1714b.exe

    • Size

      394KB

    • MD5

      4063b7b2eb149acac69917f91cd0c902

    • SHA1

      ca4572c93a9d0a5d82f5df05626107cc23fb4d5b

    • SHA256

      0b5dc252f59e4602c815289edc7f9c6ed6aefa677a58ddadaeeec4f133a1714b

    • SHA512

      b12fa602fe19d2b622bfbe03dd423dfaf05eb7a83d8f2345cee4388a92be5311cacefec97afa37aefd41e94440457898b2904c0d06f2f4861a69926080224922

    • SSDEEP

      6144:8zLPQA2zPL5qqHys5zRIfa/DcnvyUvktsYQbtwESNsxm7qSwzIDM9P:yTMT9qSN5Wy/QnnRmsI7qSAeM

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
