General

  • Target: 7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1
  • Size: 793KB
  • Sample: 230505-w7p8nafh2w
  • MD5: 89502c6c153edde186731b3374d803dd
  • SHA1: 50535f39cee7d9d53333bef4bf702af8a9283743
  • SHA256: 7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1
  • SHA512: aacb5b9092adda55ff623abdc754d1479074795d88deaaaff0ea42ca8342d8c510384654a3cbf0efa6ac15a7ea4519421e18a4cf3467128074059a8ed8cff905
  • SSDEEP: 24576:Byecjv2SbngMnoRGOj8bD9q5LlhSOjLwe:0eXMohp5Ljfvw

Malware Config

Extracted

  • Family: redline
  • Botnet: gena
  • C2: 185.161.248.73:4164
  • Attributes
    • auth_value: d05bf43eef533e262271449829751d07

Extracted

  • Family: redline
  • Botnet: dante
  • C2: 185.161.248.73:4164
  • Attributes
    • auth_value: f4066af6b8a6f23125c8ee48288a3f90

Targets

    • Target: 7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks