
Resubmissions

  • 29/05/2023, 05:07: 230529-fsb5gshg56 (score 10)
  • 22/05/2023, 02:58: 230522-dgjdbage8y (score 10)

General

  • Target: 640412edccb9426e721e3c5a0783fdb94337b0ddf9a1c1e53e178d15d415bef6
  • Size: 1.0MB
  • Sample: 230522-dgjdbage8y
  • MD5: 0713965d193cb15fafa35e5e0800971f
  • SHA1: f23268a4833b212ebee732585e128f6fb94bce85
  • SHA256: 640412edccb9426e721e3c5a0783fdb94337b0ddf9a1c1e53e178d15d415bef6
  • SHA512: 580ccae3dd580c77a6ca6cc6ca0ec78a33c770232af260dc5bb666a58f144d819cce4e736f7edda51893f22ab455272b2cd4ab8c53228ab71f71c20435d86f9c
  • SSDEEP: 24576:5yxYNxdtODEWW+IbVCUvQP2XeRpvn5jVyjLLIcs/5B:sul7AOIUvQPdvn5jkjLLQ/

Malware Config

Extracted

  • Family: redline
  • Botnet: diza
  • C2: 185.161.248.37:4138
  • Attributes
    • auth_value: 0d09b419c8bc967f91c68be4a17e92ee
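Turning the extracted C2 into something a SOC can act on, as an added example that is not tria.ge's output or any tool's own code: it parses the config fields shown above, emits one Suricata rule per C2 endpoint (the SID range is an assumption; pick one that is free locally) and matches constructed Zeek-style conn rows against the C2, in strict host+port mode and in a loose host-only mode that catches a moved listener but will false-positive on shared hosting.

```python
import ipaddress
import re

# The extracted config as it appears on this page (family, botnet, C2, auth_value).
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "diza",
    "c2": ["185.161.248.37:4138"],
    "auth_value": "0d09b419c8bc967f91c68be4a17e92ee",
}

# Constructed Zeek conn.log-style rows: ts, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.
# The third row talks to the C2 host on a different port, to show the strict/loose distinction.
CONN_LOG = (
    "1684724300.10\t10.0.0.5\t49812\t185.161.248.37\t4138\ttcp\n"
    "1684724301.22\t10.0.0.5\t49813\t93.184.216.34\t443\ttcp\n"
    "1684724305.40\t10.0.0.7\t51000\t185.161.248.37\t80\ttcp\n"
)

HOSTNAME_RE = re.compile(r"^(?=.{1,253}$)[a-z0-9-]+(\.[a-z0-9-]+)+$", re.IGNORECASE)


def parse_c2(entry: str) -> tuple[str, int]:
    """Split 'host:port'; host must be an IP literal or a dotted hostname, port 1-65535.
    Raises ValueError on anything else so a malformed config line cannot silently
    become a rule that matches nothing."""
    host, sep, port = entry.rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError(f"malformed C2 entry: {entry!r}")
    port_num = int(port)
    if not 1 <= port_num <= 65535:
        raise ValueError(f"port out of range in {entry!r}")
    try:
        ipaddress.ip_address(host)
    except ValueError:
        if not HOSTNAME_RE.match(host):
            raise ValueError(f"host is neither IP nor hostname: {host!r}") from None
    return host, port_num


def suricata_rules(cfg: dict, base_sid: int = 9000001) -> list[str]:
    """One outbound alert rule per C2 endpoint. base_sid is assumed to be unused locally."""
    rules = []
    for i, entry in enumerate(cfg["c2"]):
        host, port = parse_c2(entry)
        msg = f"{cfg['family'].upper()} {cfg['botnet']} C2 connection"
        rules.append(
            f'alert tcp $HOME_NET any -> {host} {port} (msg:"{msg}"; '
            f"flow:to_server,established; sid:{base_sid + i}; rev:1;)"
        )
    return rules


def match_connections(cfg: dict, conn_log: str, strict: bool = True) -> list[dict]:
    """Return conn rows whose destination is a configured C2.
    strict=True requires host AND port to match; strict=False flags the host on any
    port (each hit records whether it was an exact host+port match)."""
    targets = {parse_c2(e) for e in cfg["c2"]}
    hosts = {h for h, _ in targets}
    hits = []
    for row in conn_log.splitlines():
        ts, src, _sport, dst, dport, _proto = row.split("\t")
        exact = (dst, int(dport)) in targets
        if exact or (not strict and dst in hosts):
            hits.append({"ts": ts, "src": src, "dst": dst, "dport": int(dport), "exact": exact})
    return hits


if __name__ == "__main__":
    for rule in suricata_rules(REDLINE_CONFIG):
        print(rule)
    for hit in match_connections(REDLINE_CONFIG, CONN_LOG, strict=False):
        print(hit)
```

The auth_value is deliberately not used for network matching: it travels inside the bot's traffic, not in connection metadata, so it belongs in a payload or memory signature rather than a flow rule.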

Targets

  • Target: 640412edccb9426e721e3c5a0783fdb94337b0ddf9a1c1e53e178d15d415bef6 (1.0MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)
  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • Executes dropped EXE
  • Adds Run key to start application
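The last two signatures describe the persistence pattern behind the report (a dropped executable registered under a Run key). As an added example, not part of the tria.ge report and not its detection logic, the following scans `reg query` output for the HKCU/HKLM Run keys and grades each value by where its image lives. The registry entries and the environment-variable expansions are constructed for the example; the exact path this sample used is not on the page, so none of these entries should be read as its IOCs.

```python
import re

# Constructed `reg query <key>`-style output; every entry here is invented for the example.
REG_QUERY_OUTPUT = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\analyst\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    updater    REG_SZ    C:\Users\analyst\AppData\Local\Temp\build.exe
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    svchost    REG_SZ    C:\Users\Public\svchost.exe -k netsvcs
"""

KEY_RE = re.compile(r"^HKEY_[A-Z_]+\\.+$")
ENTRY_RE = re.compile(r"^\s+(?P<name>\S+)\s+(?P<type>REG_\w+)\s+(?P<data>.+?)\s*$")

# Assumed expansions; on a live host read them from the environment of the user owning the hive.
ENV = {
    "%windir%": r"C:\Windows",
    "%systemroot%": r"C:\Windows",
    "%temp%": r"C:\Users\analyst\AppData\Local\Temp",
    "%localappdata%": r"C:\Users\analyst\AppData\Local",
    "%appdata%": r"C:\Users\analyst\AppData\Roaming",
    "%programdata%": r"C:\ProgramData",
    "%public%": r"C:\Users\Public",
}

# Ordered from most to least specific: a Temp path must be graded high, not caught by the
# broader AppData\Local rule below it. Severities are a heuristic, not a verdict.
SUSPECT_DIRS = [
    ("\\appdata\\local\\temp\\", "high"),
    ("\\users\\public\\", "high"),
    ("\\downloads\\", "high"),
    ("\\programdata\\", "medium"),
    ("\\appdata\\roaming\\", "medium"),
    ("\\appdata\\local\\", "low"),
]


def image_path(data: str) -> str:
    """Pull the executable out of a Run value: a quoted path, else the first token ending in .exe."""
    if data.startswith('"'):
        return data[1:data.index('"', 1)]
    m = re.match(r"^(.*?\.exe)(?:\s|$)", data, re.IGNORECASE)
    return m.group(1) if m else data.split()[0]


def expand(path: str) -> str:
    """Expand the assumed environment variables (case-insensitive, like the shell does)."""
    for var, val in ENV.items():
        path = re.sub(re.escape(var), lambda _m, v=val: v, path, flags=re.IGNORECASE)
    return path


def severity(path: str) -> str:
    """Grade a Run-key image by the user-writable directory it sits in; 'none' if elsewhere."""
    p = expand(path).lower()
    for needle, sev in SUSPECT_DIRS:
        if needle in p:
            return sev
    return "none"


def scan_run_keys(text: str) -> list[dict]:
    """Walk reg-query output, tracking the current key, and report every graded entry."""
    findings, key = [], None
    for line in text.splitlines():
        if KEY_RE.match(line):
            key = line.strip()
            continue
        m = ENTRY_RE.match(line)
        if not m or key is None:
            continue
        path = image_path(m["data"])
        sev = severity(path)
        if sev != "none":
            findings.append({"key": key, "name": m["name"], "path": expand(path), "severity": sev})
    return findings


if __name__ == "__main__":
    for f in scan_run_keys(REG_QUERY_OUTPUT):
        print(f"[{f['severity']}] {f['name']} -> {f['path']}  ({f['key']})")
```

The "low" grade exists because many legitimate installers (OneDrive in the constructed data) live under AppData\Local; feed it an allowlist of signed publishers before paging anyone, and remember that Run keys are only one of several autostart locations a dropped EXE can use.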
