Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    7ba69dcdcf718008905558b36d4d88d3bb139197e278d4453515199f58a7f00e

  • Size

    283KB

  • Sample

    230320-sj3masea94

  • MD5

    9b582f125f4509ffe91fb8851cfc74e6

  • SHA1

    1fc545d613c0488ef0c9b756caa278b685e245c8

  • SHA256

    7ba69dcdcf718008905558b36d4d88d3bb139197e278d4453515199f58a7f00e

  • SHA512

    bd7c724de1c3ddbc15ce72ece5e0b037b177e538a110ad4770ee3a7313bb9c42e8ae18e7f7c917371baae0c9c74ac860bde4bdfd021e97c3b2cbb959279c7b73

  • SSDEEP

    6144:GA9PtDR6Yhoprt7bjSTI/ExnG5ZNyVOn:J9PtDsYho9t7yTNxeLp

Malware Config

Extracted

Family

redline

Botnet

fronx2

C2

fronxtracking.com:80

Attributes
  • auth_value

    0a4100df2644a6a6582137d2da2c8bd1

Targets

    • Target

      7ba69dcdcf718008905558b36d4d88d3bb139197e278d4453515199f58a7f00e

    • Size

      283KB

    • MD5

      9b582f125f4509ffe91fb8851cfc74e6

    • SHA1

      1fc545d613c0488ef0c9b756caa278b685e245c8

    • SHA256

      7ba69dcdcf718008905558b36d4d88d3bb139197e278d4453515199f58a7f00e

    • SHA512

      bd7c724de1c3ddbc15ce72ece5e0b037b177e538a110ad4770ee3a7313bb9c42e8ae18e7f7c917371baae0c9c74ac860bde4bdfd021e97c3b2cbb959279c7b73

    • SSDEEP

      6144:GA9PtDR6Yhoprt7bjSTI/ExnG5ZNyVOn:J9PtDsYho9t7yTNxeLp

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks