Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2d668fa3bab421509eb905e47d73becc27f4e8aa1c71bf04141f5d4378b9dc09

  • Size

    1.0MB

  • Sample

    230520-s3g5psfg3x

  • MD5

    6912f6e3411d4d8d37a7ff8e4a00dca7

  • SHA1

    21a4ea7ca488a7d9ea80ea26b4c7fd6798d70923

  • SHA256

    2d668fa3bab421509eb905e47d73becc27f4e8aa1c71bf04141f5d4378b9dc09

  • SHA512

    3fb5cc54fb36e945e9e70aa7acb33e221d70616e481a48715ec599e3a0312572f93198272a33639e299c1ae4dc623d5bf6a7f63f9db760aedb11e991151ddecf

  • SSDEEP

    24576:Vyo/llUXckx4mAiz8WzQHxDEGGWq36DjiCwJVkGhRsniWN:wot2XfzzfzQRDjGN3w+D30iW

Score
10/10
redlinederenevasioninfostealerpersistencetrojan

Malware Config

Extracted

Family

redline

Botnet

deren

C2

77.91.68.253:19065

Attributes
  • auth_value

    04a169f1fb198bfbeca74d0e06ea2d54

Targets

    • Target

      2d668fa3bab421509eb905e47d73becc27f4e8aa1c71bf04141f5d4378b9dc09

    • Size

      1.0MB

    • MD5

      6912f6e3411d4d8d37a7ff8e4a00dca7

    • SHA1

      21a4ea7ca488a7d9ea80ea26b4c7fd6798d70923

    • SHA256

      2d668fa3bab421509eb905e47d73becc27f4e8aa1c71bf04141f5d4378b9dc09

    • SHA512

      3fb5cc54fb36e945e9e70aa7acb33e221d70616e481a48715ec599e3a0312572f93198272a33639e299c1ae4dc623d5bf6a7f63f9db760aedb11e991151ddecf

    • SSDEEP

      24576:Vyo/llUXckx4mAiz8WzQHxDEGGWq36DjiCwJVkGhRsniWN:wot2XfzzfzQRDjGN3w+D30iW

    Score
    10/10
    redlinederenevasioninfostealerpersistencetrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks