General

  • Target

    bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b

  • Size

    262KB

  • Sample

    230607-pf6m1aac38

  • MD5

    1ae2d63509750380130d21bd036d9dd0

  • SHA1

    941edd6f8cf9a858e4b2cbb5c1d612fbcd800aaa

  • SHA256

    bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b

  • SHA512

    b38c559752bb6a08de78de74a1506c1dbf2900b2b53cb3b1630ada0157d50092e5b43265a39f1cd487a8f78f835381cb9cb581e8c3de2730056ae7bb5712fb0e

  • SSDEEP

    3072:3x/Q1dYeyVyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:h/Q1CAFaQ7W05AEezbMPZFzAy2Sc

Malware Config

Extracted

  • Family

    redline

  • Botnet

    sheron

  • C2

    83.97.73.129:19068

  • Attributes

    auth_value: 2d067e7e2372227d3a03b335260112e9
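The extracted config above is the actionable part of this report: the C2 endpoint and the sample hashes are the indicators a defender actually deploys. The following is an added example (not part of the tria.ge report and not tooling from the sandbox) showing how to turn them into a Suricata rule, hunt for the C2 in connection logs, and check a candidate file against the reported hashes. The Zeek-style conn.log lines and the rule sid are constructed for the example; the hashes, family, botnet and C2 values are taken from this page.

```python
import hashlib
import ipaddress

# Extracted configuration as reported on this page (tria.ge sample 230607-pf6m1aac38).
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "sheron",
    "c2": "83.97.73.129:19068",
    "auth_value": "2d067e7e2372227d3a03b335260112e9",
}

# File hashes from the report's General section (SHA512 omitted for brevity).
REPORT_HASHES = {
    "md5": "1ae2d63509750380130d21bd036d9dd0",
    "sha1": "941edd6f8cf9a858e4b2cbb5c1d612fbcd800aaa",
    "sha256": "bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b",
}


def parse_c2(c2: str) -> tuple:
    """Split a 'host:port' C2 string, validating that host is an IP and port is in range."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)  # raises ValueError if the host is not an IP literal
    port_num = int(port)
    if not 1 <= port_num <= 65535:
        raise ValueError(f"port out of range: {port}")
    return host, port_num


def suricata_rule(cfg: dict, sid: int) -> str:
    """Build a Suricata rule alerting on outbound connections to the extracted C2.

    sid is a hypothetical local rule id chosen by the caller (1000000+ is the local range).
    """
    host, port = parse_c2(cfg["c2"])
    return (
        f"alert tcp $HOME_NET any -> {host} {port} "
        f'(msg:"MALWARE {cfg["family"]} C2 ({cfg["botnet"]})"; '
        "flow:to_server,established; classtype:trojan-activity; "
        f"sid:{sid}; rev:1;)"
    )


# Constructed Zeek conn.log-style lines (tab-separated: ts, uid, orig_h, orig_p,
# resp_h, resp_p, proto). Invented for this example: lines 1 and 3 hit the C2,
# line 2 is benign, line 4 hits the C2 host on a different port.
SAMPLE_CONN_LOG = """\
1686148200.1\tCq1\t10.0.0.5\t49812\t83.97.73.129\t19068\ttcp
1686148201.4\tCq2\t10.0.0.5\t49813\t142.250.74.36\t443\ttcp
1686148202.9\tCq3\t10.0.0.7\t51000\t83.97.73.129\t19068\ttcp
1686148203.2\tCq4\t10.0.0.9\t51001\t83.97.73.129\t443\ttcp
"""


def hunt_conn_log(cfg: dict, log_text: str) -> list:
    """Return one record per connection whose responder is exactly the C2 host:port."""
    host, port = parse_c2(cfg["c2"])
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, uid, orig_h, _orig_p, resp_h, resp_p, proto = line.split("\t")
        if resp_h == host and int(resp_p) == port and proto == "tcp":
            hits.append({"ts": float(ts), "uid": uid, "src": orig_h})
    return hits


def hashes_match_report(data: bytes) -> bool:
    """True only if every reported digest matches the given file contents."""
    return all(
        hashlib.new(alg, data).hexdigest() == digest
        for alg, digest in REPORT_HASHES.items()
    )


if __name__ == "__main__":
    print(suricata_rule(REDLINE_CONFIG, 1000001))
    for hit in hunt_conn_log(REDLINE_CONFIG, SAMPLE_CONN_LOG):
        print(f"{hit['ts']:.1f} {hit['uid']} {hit['src']} -> C2")
    print("constructed bytes match report:", hashes_match_report(b"not the sample"))
```

Matching on host and port together (rather than the IP alone) keeps the hunt precise to the extracted config; widen it to the bare IP only if you have reason to believe the operator rotates ports on the same host.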

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020. It harvests browser credentials, cookies, cryptocurrency wallet data and system information and exfiltrates them to the C2 listed in the extracted config.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext (typical of process hollowing, where the main thread of a suspended process is redirected to injected code before it is resumed)
