General

  • Target

    8ab5674fcc3c9b4a0d509c4c14c231f581ef308a8af2dcf373ba492ba0639795

  • Size

    760KB

  • Sample

    230529-d85qmahe27

  • MD5

    13e20284ca88bd97247c9f9c7c669c29

  • SHA1

    1b28f7a71df60402fe9fc6a49f38b17dc8501700

  • SHA256

    8ab5674fcc3c9b4a0d509c4c14c231f581ef308a8af2dcf373ba492ba0639795

  • SHA512

    125fbb6a0d246bcaa1db02bf0943d2459f974635a8861fa8eabed9cd8c3da85377dc90be5e3b689bb42dac760ec9103d16c62a8fdd517e8712b7b907f3fb80da

  • SSDEEP

    12288:vMrIy90pyJ0Y+YVY+ZZOR0fUBN542JHL6aQQ3n/7j3w0QKmzgboGyiM8rt3TQEN:PyoY7Zc1O2JHLp/nP3w0QKmzg5JyEN

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dura

  • C2

    83.97.73.127:19062

  • Attributes

    auth_value: 44b7d6fb9572dea0d64d018139c3d208

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks