General

  • Target

    812-112-0x00000000022C0000-0x0000000002304000-memory.dmp

  • Size

    272KB

  • Sample

    230213-g1jpzaag3y

  • MD5

    26b3b79ce7d3c897a735a7e3c82f6d86

  • SHA1

    1b0bf32d72b93eca95881aecc6381490e74434da

  • SHA256

    a7f4cca518ce1d91edae7f5d658a87f5856de2183160e2ce341878dffb95cd85

  • SHA512

    3548aaa5221d4406a582da5a64f71cd725eb24a1f3a0d4efe9ade4333a4cb00fd4a4bba96e7e69db3df439b2b07eabf48b0514050fcf4fb54d04494537fe9b56

  • SSDEEP

    3072:p6j4ELH6Vt7CENpmh6sLKR+utY/edHbpiWo40mTJghm0nlQoYKgQmExNn2pU9f2O:p6jgppZsLKwuAexbpZghdnlQH5Q

Malware Config

Extracted

  • Family

    redline

  • Botnet

    romik

  • C2

    193.233.20.12:4132

  • Attributes

      • auth_value

        8fb78d2889ba0ca42678b59b884e88ff
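The hashes in the General section and the extracted config above are the actionable output of this report. The Python below is an added example, not part of the tria.ge report or of tria.ge's tooling: it copies those values in, validates the C2 string, verifies a candidate file's digests against all four reported hashes at once, and emits a Suricata rule for the C2 endpoint plus a YARA rule for the config strings. The rule names, the SID, and the constructed input bytes are assumptions; only the hashes, C2, botnet name and auth_value come from the report.

```python
"""Turn the tria.ge RedLine report values into verification and detection artifacts."""
import hashlib
import ipaddress
import re

# Copied from the report above.
REPORT_HASHES = {
    "md5": "26b3b79ce7d3c897a735a7e3c82f6d86",
    "sha1": "1b0bf32d72b93eca95881aecc6381490e74434da",
    "sha256": "a7f4cca518ce1d91edae7f5d658a87f5856de2183160e2ce341878dffb95cd85",
    "sha512": "3548aaa5221d4406a582da5a64f71cd725eb24a1f3a0d4efe9ade4333a4cb00fd4a4bba96e7e69db3df439b2b07eabf48b0514050fcf4fb54d04494537fe9b56",
}
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "romik",
    "c2": "193.233.20.12:4132",
    "auth_value": "8fb78d2889ba0ca42678b59b884e88ff",
}


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'ip:port' and validate both halves; raises ValueError on junk."""
    host, sep, port = c2.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 string {c2!r}")
    ip = ipaddress.ip_address(host)  # ValueError for hostnames or garbage
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port_num}")
    return str(ip), port_num


def compute_hashes(data: bytes) -> dict[str, str]:
    """Digest the candidate bytes with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def verify_hashes(data: bytes, expected: dict[str, str]) -> dict[str, bool]:
    """Per-algorithm match table, so one mistyped digest is visible on its own."""
    actual = compute_hashes(data)
    return {alg: actual[alg] == expected[alg].lower() for alg in expected}


def suricata_rule(config: dict, sid: int) -> str:
    """Outbound-connection rule for the extracted C2 (sid is an assumed local value)."""
    ip, port = parse_c2(config["c2"])
    return (
        f"alert tcp $HOME_NET any -> {ip} {port} "
        f'(msg:"RedLine Stealer C2 ({config["botnet"]}) connection"; '
        "flow:to_server,established; classtype:trojan-activity; "
        f"sid:{sid}; rev:1;)"
    )


def yara_rule(config: dict) -> str:
    """Match the config strings in a dump or .NET binary (rule name is assumed)."""
    auth = config["auth_value"]
    if not re.fullmatch(r"[0-9a-f]{32}", auth):
        raise ValueError("auth_value is expected to be 32 lowercase hex chars")
    ip, port = parse_c2(config["c2"])
    # .NET user strings sit in the #US heap as UTF-16LE, hence 'ascii wide'.
    return "\n".join([
        f"rule RedLine_{config['botnet']}_config",
        "{",
        "    meta:",
        f'        description = "RedLine Stealer config strings, botnet {config["botnet"]}"',
        "    strings:",
        f'        $c2 = "{ip}:{port}" ascii wide',
        f'        $auth = "{auth}" ascii wide',
        "    condition:",
        "        all of them",
        "}",
    ])


if __name__ == "__main__":
    # Constructed stand-in bytes; a real run would read the 272KB dump instead.
    candidate = b"constructed placeholder, not the sample"
    print(verify_hashes(candidate, REPORT_HASHES))
    print(suricata_rule(REDLINE_CONFIG, 9000001))
    print(yara_rule(REDLINE_CONFIG))
```

The YARA condition requires both strings so that a stray 32-character hex value in an unrelated file does not fire; loosen it to `any of them` if you are hunting for other builds that reuse the same C2. Verifying all four digests rather than only MD5 costs nothing and guards against the one-algorithm typo that otherwise goes unnoticed.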

Targets

    • Target

      812-112-0x00000000022C0000-0x0000000002304000-memory.dmp

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload