General

  • Target

    04093699.exe

  • Size

    585KB

  • Sample

    230606-s2zncsed39

  • MD5

    cdeedcc74a65bbf2d908bad6d34e00f2

  • SHA1

    2d36561512046a42fb0d65d208905a0390c8fe6d

  • SHA256

    f8c960f79319e773cb5491c14ca4bdad349334ab5c9c61da66225641e1af4dda

  • SHA512

    84937ee5cdd28f3e65e181bb0222323f37bb77f9a525ddb982473c379e0017446f2609f4bda054c0f3a846dd6e55ac9e2e5d8c20be596b232cbab7953cad94b4

  • SSDEEP

    12288:EMrhy90PbcMTrqJUoh54wGIRLMvf1nVSTMG:lyEbpO7h54yAfdG

Malware Config

Extracted

Family

redline

Botnet

diza

C2

83.97.73.126:19048

Attributes

  • auth_value

    0d09b419c8bc967f91c68be4a17e92ee

Targets

    • Target

      04093699.exe


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
