Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b27d983e1f00286a3301e8104c95ce0db23437aadafa9d6169a1f1af47e66c4f

  • Size

    1022KB

  • Sample

    230521-fk4vjagc63

  • MD5

    d55fb4d5d34be82121fe53c3a62ec4c4

  • SHA1

    da2f4405b3eabce48bb402b3c28d3a53a72a3e59

  • SHA256

    b27d983e1f00286a3301e8104c95ce0db23437aadafa9d6169a1f1af47e66c4f

  • SHA512

    cc9a5abee6c0aefc29d83fca435d4b266b8cbe9a92d61258981613dc8a33cd332e12758354414c8aff019a826fa5e15993ac847c1e1cf947d65e12d04fdcffa7

  • SSDEEP

    24576:UytxWt5i44hH+V6qt4IWQhjs6ChVcojVoqI7q3oc2DLox4:jDWTShH+V6qtN/ChVcojVoqI7qW

Score
10/10
redlinemixaevasioninfostealerpersistencetrojan

Malware Config

Extracted

Family

redline

Botnet

mixa

C2

185.161.248.37:4138

Attributes
  • auth_value

    9d14534b25ac495ab25b59800acf3bb2

Targets

    • Target

      b27d983e1f00286a3301e8104c95ce0db23437aadafa9d6169a1f1af47e66c4f

    • Size

      1022KB

    • MD5

      d55fb4d5d34be82121fe53c3a62ec4c4

    • SHA1

      da2f4405b3eabce48bb402b3c28d3a53a72a3e59

    • SHA256

      b27d983e1f00286a3301e8104c95ce0db23437aadafa9d6169a1f1af47e66c4f

    • SHA512

      cc9a5abee6c0aefc29d83fca435d4b266b8cbe9a92d61258981613dc8a33cd332e12758354414c8aff019a826fa5e15993ac847c1e1cf947d65e12d04fdcffa7

    • SSDEEP

      24576:UytxWt5i44hH+V6qt4IWQhjs6ChVcojVoqI7q3oc2DLox4:jDWTShH+V6qtN/ChVcojVoqI7qW

    Score
    10/10
    redlinemixaevasioninfostealerpersistencetrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks