
General

  • Target: 6e732b153f65819114ada8730569eee80e1214cd04ded7ff1a8dad9896017021
  • Size: 580KB
  • Sample: 230605-lfk5hsfg22
  • MD5: 8e9a4efaf38f0a13febed31d0cc20b56
  • SHA1: 86c4b21f714bebb72f43a39660879af686aef950
  • SHA256: 6e732b153f65819114ada8730569eee80e1214cd04ded7ff1a8dad9896017021
  • SHA512: 067d2f517f77983e56fa9b81c3fc65c695e16f62e4d5bb24b82d34a49614f10216e1328fa2740dab45cc3eebecbe99d8dca4a0e687913a659cb246547e83559c
  • SSDEEP: 12288:6Mryy90La31vaRC5DMkYJCN/f9SVlnZ3dKvQHzwVg6O8:UyeC5J+CN/fM7+QHEV5

Malware Config

Extracted

  • Family: redline
  • Botnet: diza
  • C2: 83.97.73.126:19046
  • Attributes
    • auth_value: 0d09b419c8bc967f91c68be4a17e92ee

Targets

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks