General

  • Target

    0x000600000002315b-161.dat

  • Size

    145KB

  • Sample

    230527-x3z3qsdc9s

  • MD5

    6accf3c6559528ed94b20814f402c2e1

  • SHA1

    226e1958e9d8836091517c1101c228dbe4c9b080

  • SHA256

    e19428ac1f79156ea188a65e974d142915fd69eae764340aa573249d16d6ebee

  • SHA512

    3499c0446f8ff6b787ca2ad324581bbb3d1d7785a9888979520d27ac1855c978c48536750b4801d92144b05f7951607f20728633934f00416f9b3b2f7be4101b

  • SSDEEP

    3072:UV+m5crQmRSR38jQ50LiZzq6/hCZx8e8hG:UjCZVLq/hCr

Malware Config

Extracted

Family

redline

Botnet

dura

C2

83.97.73.127:19062

Attributes
  • auth_value

    44b7d6fb9572dea0d64d018139c3d208

Targets

    • Target

      0x000600000002315b-161.dat

    • Size

      145KB

    • MD5

      6accf3c6559528ed94b20814f402c2e1

    • SHA1

      226e1958e9d8836091517c1101c228dbe4c9b080

    • SHA256

      e19428ac1f79156ea188a65e974d142915fd69eae764340aa573249d16d6ebee

    • SHA512

      3499c0446f8ff6b787ca2ad324581bbb3d1d7785a9888979520d27ac1855c978c48536750b4801d92144b05f7951607f20728633934f00416f9b3b2f7be4101b

    • SSDEEP

      3072:UV+m5crQmRSR38jQ50LiZzq6/hCZx8e8hG:UjCZVLq/hCr

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers typically harvest stored browser data such as saved credentials, cookies, autofill entries, and browsing history from the user's profile directory.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
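The "Checks installed software" signature above refers to the sample walking the registry Uninstall keys. The following PowerShell is an added example (not part of the Triage report and not the sample's own code) that performs the same enumeration benignly, so an analyst can see exactly which keys are involved and what the malware obtains from them. It assumes a 64-bit Windows host; the key paths are the standard ones, and the function name is the author's own.

```powershell
# Added example: enumerate installed software the way the sandbox signature describes,
# by reading the Uninstall keys. The WOW6432Node view holds 32-bit installs on 64-bit
# Windows, and HKCU holds per-user installs that HKLM does not list.
$uninstallPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

function Get-InstalledSoftwareFromRegistry {
    foreach ($path in $uninstallPaths) {
        # A view may be absent (e.g. no WOW6432Node on 32-bit Windows); skip it quietly.
        if (-not (Test-Path -Path $path)) { continue }

        Get-ChildItem -Path $path | ForEach-Object {
            $props = Get-ItemProperty -Path $_.PSPath
            # Subkeys without a DisplayName are patches or hidden components; stealers
            # generally skip them for the same reason.
            if ($props.DisplayName) {
                [pscustomobject]@{
                    DisplayName    = $props.DisplayName
                    DisplayVersion = $props.DisplayVersion
                    Publisher      = $props.Publisher
                    InstallDate    = $props.InstallDate
                    KeyPath        = $_.Name
                }
            }
        }
    }
}

# Usage: list what an infostealer would collect from this host.
Get-InstalledSoftwareFromRegistry | Sort-Object DisplayName | Format-Table -AutoSize
```

Reading these keys is legitimate and common (inventory agents do it), so the key names alone are a weak indicator. What makes it suspicious in a sandbox, and what is worth alerting on in production, is the combination: a freshly dropped executable that enumerates all three views and then opens browser profile directories and a single outbound TCP connection. Note that Sysmon registry events (IDs 12 to 14) cover key creation, deletion and value writes, not reads, so observing this enumeration live requires ETW registry tracing or a tool such as Process Monitor rather than Sysmon alone.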

MITRE ATT&CK Enterprise v6

Tasks