General

  • Target

    file

  • Size

    454KB

  • Sample

    230210-mlbnpsbc72

  • MD5

    a1c18bda24cb41401dd3a65ee234e1b6

  • SHA1

    8603e6b035dce6538ecb56c8b0d416058786b2a2

  • SHA256

    aabfb8f93787c9a79b570765aef8fb21c6de596c552eb597c23a88bb095b5045

  • SHA512

    c2240c1479c1ecf090afb3e515a5adfa754edec8b675c5376c1855b311fad348fac3347dc1511b8a7db104a8de88824de596935b37183c28404a4322d67f634d

  • SSDEEP

    6144:HQ5qaa8+1ZayBL0dJAOK17h5+eBn4IItatzoAq6Qv4RynfWAncoUA/:HYqlZvQFK1Vb4vatsLQcnfWUX/

Targets

    • Target

      file

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
