Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161

  • Size

    1.0MB

  • Sample

    230521-fe1wpagc46

  • MD5

    80dc22efc81ed2bf30b7a969c50f4deb

  • SHA1

    4635b28401f2a4cb87cd5a3673aba87970ccb271

  • SHA256

    c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161

  • SHA512

    6b16c87b0f3fcf7feb64cfd9e789678e3d1fefa94fc20fbc9fadaa636c4561d08d7d0c828709ac2b3d13b161692933e15b81969cdd5df107ba41e0a0dc879627

  • SSDEEP

    24576:Ty3VHq01WAahu1Y+83ubdHO+WhcrVhaVHK3uuheaqGk:mlHq01ay8+bdHO+dLa83BuG

Malware Config

Extracted

Family

redline

Botnet

diza

C2

185.161.248.37:4138

Attributes
  • auth_value

    0d09b419c8bc967f91c68be4a17e92ee

Targets

    • Target

      c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161

    • Size

      1.0MB

    • MD5

      80dc22efc81ed2bf30b7a969c50f4deb

    • SHA1

      4635b28401f2a4cb87cd5a3673aba87970ccb271

    • SHA256

      c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161

    • SHA512

      6b16c87b0f3fcf7feb64cfd9e789678e3d1fefa94fc20fbc9fadaa636c4561d08d7d0c828709ac2b3d13b161692933e15b81969cdd5df107ba41e0a0dc879627

    • SSDEEP

      24576:Ty3VHq01WAahu1Y+83ubdHO+WhcrVhaVHK3uuheaqGk:mlHq01ay8+bdHO+dLa83BuG

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks