Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9e0fefa708c43a47a6b4d3b4928c8e4df0e2ac6a64ff99285239fd5c7f838185

  • Size

    282KB

  • Sample

    230607-1w1mgagd86

  • MD5

    28a848d757434843f442a2e912776abe

  • SHA1

    6a4e9d08dc0452e2150185965de2a93bad7f9f8d

  • SHA256

    9e0fefa708c43a47a6b4d3b4928c8e4df0e2ac6a64ff99285239fd5c7f838185

  • SHA512

    0325e87187e160aa9d2050650377b6c961db0d81ef8f04852341c57577977deecd415a1360e252c29f8e5e55f05d45d357e53969555c9ce4dbe674899606bfd9

  • SSDEEP

    6144:xQvoWvJeeh6UwvTygXUNVS4MGh1aBFrvz1xcxcWhirt:xUl2yR1aBFrvz1xcxdirt

Score
10/10
redlinesheroninfostealerspyware

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes
  • auth_value

    2d067e7e2372227d3a03b335260112e9

Targets

    • Target

      9e0fefa708c43a47a6b4d3b4928c8e4df0e2ac6a64ff99285239fd5c7f838185

    • Size

      282KB

    • MD5

      28a848d757434843f442a2e912776abe

    • SHA1

      6a4e9d08dc0452e2150185965de2a93bad7f9f8d

    • SHA256

      9e0fefa708c43a47a6b4d3b4928c8e4df0e2ac6a64ff99285239fd5c7f838185

    • SHA512

      0325e87187e160aa9d2050650377b6c961db0d81ef8f04852341c57577977deecd415a1360e252c29f8e5e55f05d45d357e53969555c9ce4dbe674899606bfd9

    • SSDEEP

      6144:xQvoWvJeeh6UwvTygXUNVS4MGh1aBFrvz1xcxcWhirt:xUl2yR1aBFrvz1xcxdirt

    Score
    10/10
    redlinesheroninfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks