General

  • Target

    844a6bfd00c1759876a543a463f3827091151583bd18c65514cce3e68c5471ae

  • Size

    580KB

  • Sample

    230605-ge2nnafe71

  • MD5

    f0847f9859792ea3f7138a6d8b958ea5

  • SHA1

    fc8d49204c7be0a62b62700513e3596a6074852c

  • SHA256

    844a6bfd00c1759876a543a463f3827091151583bd18c65514cce3e68c5471ae

  • SHA512

    8e0e06712a628ef4289d998c72819c636338baab0ecf482f3510f4f3e35888ef1c56dfd6914f35829d1c2e12ac73b5f94534da9ecc839929e0321adcee232fd0

  • SSDEEP

    12288:qMrcy907AAs7hmNR0jyg+PZhQzEgFFrNbcDAPJGI64F:SymAAYUWjOZhEEgFF1cUA4F

Malware Config

Extracted

  • Family

    redline

  • Botnet

    diza

  • C2

    83.97.73.126:19046

Attributes

  • auth_value

    0d09b419c8bc967f91c68be4a17e92ee

Targets

    • Target

      844a6bfd00c1759876a543a463f3827091151583bd18c65514cce3e68c5471ae

    • Size

      580KB

    • MD5

      f0847f9859792ea3f7138a6d8b958ea5

    • SHA1

      fc8d49204c7be0a62b62700513e3596a6074852c

    • SHA256

      844a6bfd00c1759876a543a463f3827091151583bd18c65514cce3e68c5471ae

    • SHA512

      8e0e06712a628ef4289d998c72819c636338baab0ecf482f3510f4f3e35888ef1c56dfd6914f35829d1c2e12ac73b5f94534da9ecc839929e0321adcee232fd0

    • SSDEEP

      12288:qMrcy907AAs7hmNR0jyg+PZhQzEgFFrNbcDAPJGI64F:SymAAYUWjOZhEEgFF1cUA4F

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks