Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ad99d1953019f7fb59e8feb9004b44226fdb61d9a0b02828b1a2cda154b7cbde

  • Size

    583KB

  • Sample

    230606-epcfeabh84

  • MD5

    a0499c7f6dd064a93c924a7a04c6b982

  • SHA1

    bc9036ad822351914e8a9471f2da04eb2ccec936

  • SHA256

    ad99d1953019f7fb59e8feb9004b44226fdb61d9a0b02828b1a2cda154b7cbde

  • SHA512

    ba5df4e5cf4bac957e0d86070c77b158d6baf60e8d850a184710d734d2a3505a786a5654ffc131d208c0bb0ff47f8aad432a360f78ea3e93d469a87c20ab3d4f

  • SSDEEP

    12288:xMrMJy90Y/yiW65U9i7o8dkXfaE//+oRgOrDxvq:bJy1NU9iCvaOmoVrDxS

Score
10/10
redlinedizaevasioninfostealerpersistencetrojan

Malware Config

Extracted

Family

redline

Botnet

diza

C2

83.97.73.126:19048

Attributes
  • auth_value

    0d09b419c8bc967f91c68be4a17e92ee

Targets

    • Target

      ad99d1953019f7fb59e8feb9004b44226fdb61d9a0b02828b1a2cda154b7cbde

    • Size

      583KB

    • MD5

      a0499c7f6dd064a93c924a7a04c6b982

    • SHA1

      bc9036ad822351914e8a9471f2da04eb2ccec936

    • SHA256

      ad99d1953019f7fb59e8feb9004b44226fdb61d9a0b02828b1a2cda154b7cbde

    • SHA512

      ba5df4e5cf4bac957e0d86070c77b158d6baf60e8d850a184710d734d2a3505a786a5654ffc131d208c0bb0ff47f8aad432a360f78ea3e93d469a87c20ab3d4f

    • SSDEEP

      12288:xMrMJy90Y/yiW65U9i7o8dkXfaE//+oRgOrDxvq:bJy1NU9iCvaOmoVrDxS

    Score
    10/10
    redlinedizaevasioninfostealerpersistencetrojan

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks