General

  • Target

    60e6ce0b81e5896b7611674ff322a00349c79d6155e03.exe

  • Size

    515KB

  • Sample

    230201-tagh5scd5v

  • MD5

    d89985fb0374da504e9a0d426d1baeb5

  • SHA1

    98d61649c2f4cf6f5fc9a49d56036136cf1ce8b5

  • SHA256

    60e6ce0b81e5896b7611674ff322a00349c79d6155e03d37e1787c14da897ef4

  • SHA512

    055a55ee60bcf0712771babc6663b720b394657906929a45bf7389e26cb056dc04b264462d55c45ad679cfcd7305a56709b0ccfba1822a7d72e86cd5eb1ece4b

  • SSDEEP

    12288:h/lh66QhTIE+3r+Z/79PxBXV08X++7UBAQND7Ue:h/lh66QZIE+3r+fxBi8Oa0AQNvD

Malware Config

Extracted

Family

redline

Botnet

bigdick

C2

185.254.37.212:80

Attributes

  • auth_value

    88290259fe8dc49da48b125d03e6788c

Targets

    • Target

      60e6ce0b81e5896b7611674ff322a00349c79d6155e03.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Uses the VBS compiler for execution

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks