General

  • Target

    07a1878ca14469f06c3abfdc9df9af655f776ae76d790e3a90f888b3b049c726

  • Size

    1.0MB

  • Sample

    230522-gcsyqsec48

  • MD5

    34ebde00807d6763e6a4371a8187e81b

  • SHA1

    03893273b15834d66a151c5f0d3411fbabd13736

  • SHA256

    07a1878ca14469f06c3abfdc9df9af655f776ae76d790e3a90f888b3b049c726

  • SHA512

    b3d13c628294570f578dd7b7aecc9879eae5dab74e4fe00f16ba59bb142c334bd484b4b3b207b31c8e197d2b8ccf62b6723d39f149678f30284f432b8dd2e736

  • SSDEEP

    24576:EypsyZZK0nEfg1/kTdx11e1NYS9JFR+W3HPR/VdjvVtitw:TpsyUmMDfeQ8R9tdtit

Malware Config

Extracted

Family

redline

Botnet

diza

C2

185.161.248.37:4138

Attributes

  • auth_value

    0d09b419c8bc967f91c68be4a17e92ee

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks