General

  • Target

    869393692b8fbba04fc5b4cac17717c75c7ac6b7aba34ec96cb851d007190183

  • Size

    1.2MB

  • Sample

    230503-31r71ahc25

  • MD5

    96973db4552fbaea3e1a45e9169e547b

  • SHA1

    86868f205ce2a02f7e7cc60802018f56f6f31281

  • SHA256

    869393692b8fbba04fc5b4cac17717c75c7ac6b7aba34ec96cb851d007190183

  • SHA512

    565dcc12b18a7e2aff09554212052d6c00330d0660b81f3212207b1bf835d633ffd67cda40997130c83089d7c6e5cbd1e800d401393e64bedbbbbc288b9e837b

  • SSDEEP

    24576:Wy0U55CHe73JZaFrhaTol04nhS3p/yzk/NpildP+j:l15C+VZS9aTh4hSByZdP+

Malware Config

Extracted

Family

redline

Botnet

luna

C2

217.196.96.56:4138

Attributes

  • auth_value

    16dec8addb01db1c11c59667022ef7a2

Targets

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks