General

  • Target

    9471dc83530260252412901293a9b67bb45df7fea69eb900d8f9ac876f679beb

  • Size

    256KB

  • Sample

    230615-3s1jeabh25

  • MD5

    882a337b9c47f484860ec97f3f52131e

  • SHA1

    436452b23f713d99b0f71c1a7f0848a69e39856e

  • SHA256

    9471dc83530260252412901293a9b67bb45df7fea69eb900d8f9ac876f679beb

  • SHA512

    e847a170aeb0f7281b486a0e9af2c45de0a9df0f5a0b34aea3004c1344a7b637f7d96af0f6deeea6ce2ab3364538a925f5096a81a13cb225a98ee8227ae1b8e9

  • SSDEEP

    6144:izRN/cr0TZC4xR4aPYaD4hYhJWJSW/Ven:o60TZCO4r

Malware Config

Extracted

Family

redline

Botnet

joker

C2

83.97.73.130:19061

Attributes
  • auth_value

    a98d303cc28bb3b32a23c59214ae3bc0
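
The extracted config above gives a concrete C2 endpoint and the General section gives the file hashes; together they are the indicators an analyst would push into network and file detection. The block below is an added example written for this page, not tria.ge tooling or code from the sample: it copies those indicators, scans a constructed connection log (the IPs other than the C2, the timestamps and the internal hosts are made up) for traffic to the C2, checks file bytes against the report's hashes, and renders a minimal Suricata rule. The Suricata sid is an assumed value chosen by whoever deploys the rule.

```python
"""Added example: an IOC matcher built from the extracted RedLine config.

Illustration code written for this page, not tria.ge tooling. The indicators
are copied from the report; the connection log and byte strings below are
constructed for the example and are not real traffic or the real sample.
"""
import hashlib
import re
from dataclasses import dataclass

# Indicators copied verbatim from the report.
C2_HOST = "83.97.73.130"
C2_PORT = 19061
BOTNET = "joker"
SAMPLE_HASHES = {
    "md5": "882a337b9c47f484860ec97f3f52131e",
    "sha1": "436452b23f713d99b0f71c1a7f0848a69e39856e",
    "sha256": "9471dc83530260252412901293a9b67bb45df7fea69eb900d8f9ac876f679beb",
}

# Constructed connection log in a generic "ts conn src:port -> dst:port" shape.
# Only the C2 address is real; the other hosts and the timestamps are invented.
SAMPLE_CONN_LOG = """\
2023-06-15T03:40:01Z conn 10.0.0.12:49812 -> 83.97.73.130:19061 proto=tcp
2023-06-15T03:40:05Z conn 10.0.0.12:49813 -> 142.250.74.46:443 proto=tcp
2023-06-15T03:41:10Z conn 10.0.0.31:51002 -> 83.97.73.130:443 proto=tcp
2023-06-15T03:42:00Z conn 10.0.0.12:49820 -> 83.97.73.130:19061 proto=tcp
"""

CONN_RE = re.compile(
    r"^(?P<ts>\S+) conn (?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)"
)


@dataclass(frozen=True)
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    reason: str  # "c2" = host and port match; "host-only" = C2 host, other port


def match_conn_log(text, c2_host=C2_HOST, c2_port=C2_PORT):
    """Scan connection records for traffic to the RedLine C2.

    An exact host:port match is the high-confidence signal; the same host on a
    different port is reported separately so an analyst can triage it rather
    than have it silently dropped or silently counted as an infection.
    """
    hits = []
    for line in text.splitlines():
        m = CONN_RE.match(line)
        if not m or m["dst"] != c2_host:
            continue
        dport = int(m["dport"])
        reason = "c2" if dport == c2_port else "host-only"
        hits.append(Hit(m["ts"], m["src"], m["dst"], dport, reason))
    return hits


def infected_hosts(hits):
    """Source IPs with at least one exact C2 host:port hit, sorted."""
    return sorted({h.src for h in hits if h.reason == "c2"})


def digests(data):
    """MD5/SHA1/SHA256 of a byte string, keyed like SAMPLE_HASHES."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def match_hashes(data, known=SAMPLE_HASHES):
    """Return the algorithms whose digest of `data` equals the known value."""
    d = digests(data)
    return sorted(alg for alg, hexd in d.items() if known.get(alg) == hexd)


def suricata_rule(sid, c2_host=C2_HOST, c2_port=C2_PORT, botnet=BOTNET):
    """Render a minimal Suricata rule for the C2 endpoint.

    `sid` is an assumed, deployer-chosen value; the rule text only uses
    keywords (msg, flow, sid, rev) that Suricata and Snort both accept.
    """
    return (
        f"alert tcp $HOME_NET any -> {c2_host} {c2_port} "
        f'(msg:"RedLine C2 traffic (botnet {botnet})"; '
        f"flow:to_server; sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    found = match_conn_log(SAMPLE_CONN_LOG)
    for h in found:
        print(h)
    print("hosts with exact C2 hits:", infected_hosts(found))
    print(suricata_rule(1000001))
```

Matching on the full host:port pair is what the extracted config supports; matching on the IP alone is kept as a lower-confidence "host-only" bucket because a shared or re-used address would otherwise produce false infections. The hash check is exact-match only; the SSDEEP value in the report would need the ssdeep library for fuzzy comparison and is left out here.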

Targets

    • Target

      9471dc83530260252412901293a9b67bb45df7fea69eb900d8f9ac876f679beb

    • Size

      256KB

    • MD5

      882a337b9c47f484860ec97f3f52131e

    • SHA1

      436452b23f713d99b0f71c1a7f0848a69e39856e

    • SHA256

      9471dc83530260252412901293a9b67bb45df7fea69eb900d8f9ac876f679beb

    • SHA512

      e847a170aeb0f7281b486a0e9af2c45de0a9df0f5a0b34aea3004c1344a7b637f7d96af0f6deeea6ce2ab3364538a925f5096a81a13cb225a98ee8227ae1b8e9

    • SSDEEP

      6144:izRN/cr0TZC4xR4aPYaD4hYhJWJSW/Ven:o60TZCO4r

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Checks installed software on the system

      Enumerates the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to list the software installed on the system.

MITRE ATT&CK Enterprise v6

Tasks