Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    0132c101423fa2b115a816d8af7885526f7113321b27c78088990da08e9a634b

  • Size

    1.0MB

  • Sample

    230522-dfyrlsge8x

  • MD5

    174ca1152c5569b07f50fcc4a7013ef3

  • SHA1

    cb7a78d66be98157b4ef311ef5ec9117d6fb7c5f

  • SHA256

    0132c101423fa2b115a816d8af7885526f7113321b27c78088990da08e9a634b

  • SHA512

    024d25e91cb164b8d920c5658542b489fc936cf74b096e44ea86046e0e726201802b8931a48c9dcb5a13171834567786b347ed2f8bbe04458d75013731dd4f8e

  • SSDEEP

    24576:qydvg+omjTkScyaGq9mw7Uy6cOklrDafpyD1:xdvhomjTpcyJq9mw7U8LIG

Malware Config

Extracted

Family

redline

Botnet

mixa

C2

185.161.248.37:4138

Attributes
  • auth_value

    9d14534b25ac495ab25b59800acf3bb2

Targets

    • Target

      0132c101423fa2b115a816d8af7885526f7113321b27c78088990da08e9a634b

    • Size

      1.0MB

    • MD5

      174ca1152c5569b07f50fcc4a7013ef3

    • SHA1

      cb7a78d66be98157b4ef311ef5ec9117d6fb7c5f

    • SHA256

      0132c101423fa2b115a816d8af7885526f7113321b27c78088990da08e9a634b

    • SHA512

      024d25e91cb164b8d920c5658542b489fc936cf74b096e44ea86046e0e726201802b8931a48c9dcb5a13171834567786b347ed2f8bbe04458d75013731dd4f8e

    • SSDEEP

      24576:qydvg+omjTkScyaGq9mw7Uy6cOklrDafpyD1:xdvhomjTpcyJq9mw7U8LIG

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks