General

  • Target

    e9fa55d18680e258ad7ca142dae5cce2.bin

  • Size

    243KB

  • Sample

    230217-b5gtaadb98

  • MD5

    b561f24838f6f8a6c6ab2226e89b0745

  • SHA1

    6d86e6e7b20c2c0b82fe7aeaba4a4b3cd7918687

  • SHA256

    29201321668dde2481b0be0d677f916e05c585eb3ff75d40befe6932099896bf

  • SHA512

    3e1cba871bef4afaa97c16f4c37ee8f3eb41f6fdd5878223181bef21c5f4b283a6b5225dfb157083fda93ac06dae03943fc434e5417f9f6455aac244b0894392

  • SSDEEP

    6144:hMdsuAbUURna4SSovmLhVS8NSYMcdZK1LhUOGjR:idbURa7SbLhkYw1VUHd

Targets

    • Target

      4f395037800594a472f463143f4e1676316076bb2dcc7ef44e0ac339f1a8fc13.exe

    • Size

      311KB

    • MD5

      e9fa55d18680e258ad7ca142dae5cce2

    • SHA1

      f7b2807cb1f22353f01a44c2b0bf952a6c439f3e

    • SHA256

      4f395037800594a472f463143f4e1676316076bb2dcc7ef44e0ac339f1a8fc13

    • SHA512

      7cdfafe9b5171c252458893c56f1a49130fc0e2fca3e8278c4ca45c42852e7311ac35051f2ae5c9823af5eb0c752821890931b7f6492372678c0c153cfc01805

    • SSDEEP

      6144:3PvKvYRjI4yRWMHTVTZi6BFA0QdbWaTUNsWjxpxNJdzNd:3PnM4yQMzVTs6BFA0QZNTUNsWHJB

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
