General

  • Target

    32e595d4c93e4e0ca55de6756cf23ea090ea45c86d958857f44109376b02e3b0.zip

  • Size

    248KB

  • Sample

    230308-ndr66afg69

  • MD5

    5a8357fa903d1014ccaa522db35588ae

  • SHA1

    4dfb13eabd8a06f968b5e7af2d8593ac9cfa2a8d

  • SHA256

    c5f5a479eb5c02616f66027c25cef962ba5a6603a12698c01162d9d08045bf52

  • SHA512

    6fb0646b9b037140f797904c53dd0a381e13932b6eb9df3d6bb249aae5e6728e78b29b877909a3647d4c51ec850858100e47bd546f031cd1a8bc9a8156255ea8

  • SSDEEP

    6144:siJJTlVRjodFO4JNcSzu6U+GjJeEUtdeW4CfrRy7K2XFh57+oOLS:siDREdvJNVzuL8EUtdZvloFOm

Malware Config

Targets

    • Target

      32e595d4c93e4e0ca55de6756cf23ea090ea45c86d958857f44109376b02e3b0.exe

    • Size

      362KB

    • MD5

      341dd25109a0edf55c3169110a358e48

    • SHA1

      10d375284193deed8a23103f8d9c13af138d034e

    • SHA256

      32e595d4c93e4e0ca55de6756cf23ea090ea45c86d958857f44109376b02e3b0

    • SHA512

      55ea10eacccaa329ecbf5f04614b24ff085adbbe555bd6dffc2781a0fa222e67dcd5adb0ea405102fab125aac390d7c92d981896bee4f35ff726b0528d1e9ce6

    • SSDEEP

      6144:Yk/Lk3Hn8O58Js+fi7nmDhaUOlpfJpb7TbBnqbn4eZO:Yk/g3HPuJlK7mAnfDloZO

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.