General

  • Target

    5232a29c5973bafe7cd0a0e30b025114590498b87704f8d63bb7eb0208afa12b

  • Size

    288KB

  • Sample

    230305-wlkq2sha55

  • MD5

    d345a7d139b0f92c817dcc1104ce20e1

  • SHA1

    d08b15b07daec75040d2660d7210e319b9034ea7

  • SHA256

    5232a29c5973bafe7cd0a0e30b025114590498b87704f8d63bb7eb0208afa12b

  • SHA512

    d0a9b035facee083a6bdc7ac6cd7313a03d35d03daf33e6d13819c3c67a68ff8cb38364f7ae3639669ff8bb90e942bc8aa8e2b26ba2364764f296d31defcd9b6

  • SSDEEP

    6144:gMXx4CzAH1URB2HJTPcl/T7uEmoNlRGOvIzQSlOlMzwE:g0+CzAHm2HBPi/3JmolGOvN4G5E

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
