Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    019287ba046373eeb9aea9f040c6406db65a218e7186a6071cb74eee46167c2f

  • Size

    291KB

  • Sample

    230403-lq3sbafd5w

  • MD5

    bce60dbcae5695b99ec8315304241195

  • SHA1

    0621097dfcd1537be3b11650f46f129525385306

  • SHA256

    019287ba046373eeb9aea9f040c6406db65a218e7186a6071cb74eee46167c2f

  • SHA512

    108ec9270319dd2e56f1877cf70752c370452b91332ddb161fa50d7eada27c3451eec3b398c322da8bed8efd5467074d61f76a9e358141407dc3cbe8abc97594

  • SSDEEP

    6144:8LsQrX+oTaC8u0SiznKnpRW32Y0RJPzn+Gk:lOX+AaCransTQaJPzn+

Malware Config

Extracted

Family

redline

Botnet

@Germany

C2

185.11.61.125:22344

Attributes
  • auth_value

    9d15d78194367a949e54a07d6ce02c62

Targets

    • Target

      019287ba046373eeb9aea9f040c6406db65a218e7186a6071cb74eee46167c2f

    • Size

      291KB

    • MD5

      bce60dbcae5695b99ec8315304241195

    • SHA1

      0621097dfcd1537be3b11650f46f129525385306

    • SHA256

      019287ba046373eeb9aea9f040c6406db65a218e7186a6071cb74eee46167c2f

    • SHA512

      108ec9270319dd2e56f1877cf70752c370452b91332ddb161fa50d7eada27c3451eec3b398c322da8bed8efd5467074d61f76a9e358141407dc3cbe8abc97594

    • SSDEEP

      6144:8LsQrX+oTaC8u0SiznKnpRW32Y0RJPzn+Gk:lOX+AaCransTQaJPzn+

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks