General

  • Target: b065492a3db152aa1c1651c0afdcf92b18a6909e958adcf32a6caf29391e4162
  • Size: 286KB
  • Sample: 230303-19n6labg23
  • MD5: ca3418e0f3511d6c886e852e3e0fb49f
  • SHA1: 25dfdbecaf797f5392df3044e496ce46eae80363
  • SHA256: b065492a3db152aa1c1651c0afdcf92b18a6909e958adcf32a6caf29391e4162
  • SHA512: 59807ae1fba19a9fc092b7feb406e4f80a4684dbb222588808646ca639108a28bfb3bec285e93e61c0813f0ccf14c8e3f4ff555f40e6dbdcb24c8d6d3ea2b982
  • SSDEEP: 3072:3a/uOGxnTL2iOUAJLdvb7mlq3DcT5S2BTvshixEux2AzgrjtBEYDKaLuyA0UkPbs:3l7xTL2iebqlk/Igq7xjzUR+aa+dc8j

Malware Config

Targets

    • Target: b065492a3db152aa1c1651c0afdcf92b18a6909e958adcf32a6caf29391e4162
    • Size: 286KB
    • MD5: ca3418e0f3511d6c886e852e3e0fb49f
    • SHA1: 25dfdbecaf797f5392df3044e496ce46eae80363
    • SHA256: b065492a3db152aa1c1651c0afdcf92b18a6909e958adcf32a6caf29391e4162
    • SHA512: 59807ae1fba19a9fc092b7feb406e4f80a4684dbb222588808646ca639108a28bfb3bec285e93e61c0813f0ccf14c8e3f4ff555f40e6dbdcb24c8d6d3ea2b982
    • SSDEEP: 3072:3a/uOGxnTL2iOUAJLdvb7mlq3DcT5S2BTvshixEux2AzgrjtBEYDKaLuyA0UkPbs:3l7xTL2iebqlk/Igq7xjzUR+aa+dc8j

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens, autofill entries and browsing history.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Enumerates subkeys under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to build a list of installed software. On its own this behaviour is also common to installers and inventory tools, so it is most meaningful alongside the browser and wallet access above.
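The three behaviours listed above (browser profile reads, wallet file access and Uninstall-key enumeration) are the kind of signatures a sandbox attaches to a run. The following is an added example, not tria.ge's signature engine and not code from the sample: a small matcher that applies three behavioural rules to a constructed API trace and only calls a process an infostealer when several distinct behaviours co-occur. The trace lines, the rule patterns, the API names and the two-signature threshold are assumptions chosen for illustration.

```python
"""Behavioural signature matching over a constructed sandbox API trace.

Added example. The trace, rule patterns and threshold below are assumptions
for illustration; they are not tria.ge's own signature definitions.
"""
import re
from collections import defaultdict

# Constructed trace: (pid, API name, first path-like argument). Not real
# sandbox output. pid 1234 behaves like a stealer, pid 5678 is benign, and
# pid 9999 only reads the Uninstall key (an installer-like false-positive case).
TRACE = [
    (1234, "RegOpenKeyExW", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    (1234, "RegEnumKeyExW", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"),
    (1234, "CreateFileW", r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    (1234, "CreateFileW", r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies"),
    (1234, "CreateFileW", r"C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco"),
    (5678, "CreateFileW", r"C:\Windows\System32\drivers\etc\hosts"),
    (9999, "RegOpenKeyExW", r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"),
]

# Rule: signature name -> (regex on the API name, regex searched in the argument).
# Names mirror the report's signatures; the patterns are this example's assumption.
RULES = {
    "Reads user/profile data of web browsers": (
        r"^(Nt)?CreateFileW?$",
        r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware|Mozilla\\Firefox)\\.*"
        r"(Login Data|Cookies|Web Data|logins\.json|cookies\.sqlite|key4\.db)$",
    ),
    "Accesses cryptocurrency files/wallets": (
        r"^(Nt)?CreateFileW?$",
        r"\\(Exodus|Electrum|Ethereum|Atomic|Armory|Jaxx)\\|wallet\.dat$",
    ),
    "Checks installed software on the system": (
        r"^Reg(OpenKeyEx|EnumKeyEx|QueryValueEx)W?$",
        r"\\CurrentVersion\\Uninstall(\\|$)",
    ),
}

COMPILED = {
    name: (re.compile(api_pat, re.I), re.compile(arg_pat, re.I))
    for name, (api_pat, arg_pat) in RULES.items()
}


def match_signatures(trace):
    """Return {pid: {signature name: hit count}} for every pid that fired a rule."""
    hits = defaultdict(lambda: defaultdict(int))
    for pid, api, arg in trace:
        for name, (api_re, arg_re) in COMPILED.items():
            if api_re.match(api) and arg_re.search(arg):
                hits[pid][name] += 1
    return {pid: dict(counts) for pid, counts in hits.items()}


def infostealer_verdict(trace, min_signatures=2):
    """pids that triggered at least min_signatures distinct behaviours.

    A single behaviour (e.g. one Uninstall-key read) is too weak on its own:
    installers and inventory tools do the same, so the verdict requires
    co-occurrence of several stealer-typical behaviours in one process.
    """
    hits = match_signatures(trace)
    return sorted(pid for pid, counts in hits.items() if len(counts) >= min_signatures)


if __name__ == "__main__":
    for pid, counts in sorted(match_signatures(TRACE).items()):
        print(pid, counts)
    print("infostealer pids:", infostealer_verdict(TRACE))
```

Lowering `min_signatures` to 1 shows why the threshold matters: pid 9999 is then flagged on the Uninstall-key read alone, which is exactly the kind of false positive the report's "checks installed software" signature would produce if read in isolation.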

MITRE ATT&CK Enterprise v6

Tasks