General

  • Target: file.exe
  • Size: 402KB
  • Sample: 230519-lzgw7sga5x
  • MD5: 2a29d4ed0f19046589dbb61b9b93709e
  • SHA1: 3af8e4ff73f9517d3a9353d2bdefab7ec3b4a742
  • SHA256: fe531dc9fc72351d60ee3f1641595ffc76789f282e7078a4b7553cb8d031260e
  • SHA512: d9b303db0a954e89b7364d730949866fbf0c6b15f8401b6343e3bf18e2b45d9e5a5e85904ff1a16515fb39d930a9ca53a4e4850f074457d5ae0b5c7ee6106358
  • SSDEEP: 6144:vxPAeSf0Mnngr4pwhUihv+7RCu5kAo2Yi6TuRuzReksW/8093Tue:PSTgrKgUeUD5hoLiuAuftzDue

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
  • C2: 178.33.182.70:18918
  • Attributes
    • auth_value: c2955ed3813a798683a185a82e949f88

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
