General

  • Target

    0x000600000002313e-188.dat

  • Size

    168KB

  • Sample

    230511-hm3rcscb79

  • MD5

    ed157b317eb07304af11bcc2ba7c444f

  • SHA1

    cb5373125c2494b9d0291221fae4e1677e6e5faa

  • SHA256

    20f8c476655d28ddbe9f0c7ff2fae61a757f36aaffa010d793a11df83e901d88

  • SHA512

    c9281bdd0edebbb654ba65318c9c83ac0b4189a2ee6f70d9e82a98a10b1a1373b4bd5d85aec8e763a991431001be9c8cf93ff27986a96c48483b15ca1d5c8d2a

  • SSDEEP

    3072:8kmfv4r8W2qTvI2t2qVwoMTOIkvl98e8hg:gfvhZ/Rfkvl9

Malware Config

Extracted

Family

redline

Botnet

mixa

C2

185.161.248.75:4132

Attributes
  • auth_value

    9d14534b25ac495ab25b59800acf3bb2

Targets

    • Target

      0x000600000002313e-188.dat

    • Size

      168KB

    • MD5

      ed157b317eb07304af11bcc2ba7c444f

    • SHA1

      cb5373125c2494b9d0291221fae4e1677e6e5faa

    • SHA256

      20f8c476655d28ddbe9f0c7ff2fae61a757f36aaffa010d793a11df83e901d88

    • SHA512

      c9281bdd0edebbb654ba65318c9c83ac0b4189a2ee6f70d9e82a98a10b1a1373b4bd5d85aec8e763a991431001be9c8cf93ff27986a96c48483b15ca1d5c8d2a

    • SSDEEP

      3072:8kmfv4r8W2qTvI2t2qVwoMTOIkvl98e8hg:gfvhZ/Rfkvl9

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Checks installed software on the system

      Looks up entries under the registry Uninstall keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate installed software on the system.
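The three observables this report gives (the C2 socket from the extracted config, the Uninstall-key enumeration, and the browser profile reads) are more useful on a host when correlated per process than when matched one at a time, because installers legitimately walk the Uninstall keys and browsers legitimately read their own profile. The following is an added example, not code from the tria.ge report or from the RedLine family: it scores a constructed key="value" event log and alerts only on a process that either contacts the C2 endpoint or shows both host behaviours. The event format, the process names and the list of browser profile file names are assumptions for illustration.

```python
# Added example (not from the tria.ge report): correlate the report's three
# observables (C2 socket, Uninstall-key enumeration, browser profile reads)
# into per-process alerts over a constructed key="value" event log.
import re
from collections import defaultdict

# Network indicator taken from the report's extracted RedLine config.
C2_ENDPOINTS = {"185.161.248.75:4132"}

# Registry paths the "Checks installed software" signature describes.
UNINSTALL_KEY_RE = re.compile(
    r"\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)

# Browser profile files an infostealer reads (Chromium-family and Firefox names;
# this list is an assumption, the report names no specific files).
BROWSER_DATA_RE = re.compile(
    r"\\(?:Login Data|Cookies|Web Data|Local State|logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)

# Images allowed to touch their own profile data without raising the browser tag.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}

FIELD_RE = re.compile(r'(\w+)="([^"]*)"')


def parse_event(line):
    """Turn one key="value" event line into a dict (constructed log format)."""
    return dict(FIELD_RE.findall(line))


def classify(event):
    """Return the behaviour tag for one event, or None if it is uninteresting."""
    op, target = event.get("op", ""), event.get("target", "")
    image_name = event.get("image", "").rsplit("\\", 1)[-1].lower()
    if op == "Connect" and target in C2_ENDPOINTS:
        return "c2_connect"
    if op in ("RegOpenKey", "RegQueryValue") and UNINSTALL_KEY_RE.search(target):
        return "uninstall_enum"
    if (op in ("FileOpen", "FileRead") and BROWSER_DATA_RE.search(target)
            and image_name not in BROWSER_IMAGES):
        return "browser_data"
    return None


def correlate(lines):
    """Map (pid, image) -> set of behaviour tags seen for that process."""
    seen = defaultdict(set)
    for line in lines:
        ev = parse_event(line)
        tag = classify(ev)
        if tag:
            seen[(ev["pid"], ev["image"])].add(tag)
    return seen


def alerts(lines):
    """Processes worth an alert: any C2 contact, or both host behaviours together.
    A single host tag on its own is not enough (installers enumerate Uninstall
    keys; browsers read their own profile)."""
    out = []
    for (pid, image), tags in correlate(lines).items():
        if "c2_connect" in tags or {"uninstall_enum", "browser_data"} <= tags:
            out.append((pid, image, tuple(sorted(tags))))
    return sorted(out)


# Constructed sample log: one stealer-like process, a benign installer, and a browser.
SAMPLE_EVENTS = [
    r'pid="4120" image="C:\Users\user\AppData\Local\Temp\sample.exe" op="RegOpenKey" target="HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"',
    r'pid="4120" image="C:\Users\user\AppData\Local\Temp\sample.exe" op="FileRead" target="C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"',
    r'pid="4120" image="C:\Users\user\AppData\Local\Temp\sample.exe" op="Connect" target="185.161.248.75:4132"',
    r'pid="2208" image="C:\Windows\System32\msiexec.exe" op="RegOpenKey" target="HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"',
    r'pid="3344" image="C:\Program Files\Google\Chrome\Application\chrome.exe" op="FileOpen" target="C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies"',
]

if __name__ == "__main__":
    for pid, image, tags in alerts(SAMPLE_EVENTS):
        print(f"ALERT pid={pid} image={image} behaviours={','.join(tags)}")
```

Run against the constructed log, only pid 4120 is reported, with all three tags; msiexec.exe is recorded with the single uninstall_enum tag and never alerted, and chrome.exe reading its own Cookies file produces no tag at all. To use this on real telemetry, replace parse_event with a parser for your own source (Sysmon file/registry events or an EDR export) and keep the correlation logic.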

MITRE ATT&CK Enterprise v6

Tasks
