
General

  • Target: file
  • Size: 452KB
  • Sample: 230616-v6911aga57
  • MD5: 45a233b6774a3b0c870d171353a6a2e2
  • SHA1: 74e6976aa1b684491819ec031fb175659ae75405
  • SHA256: 0a8f958b2672c2ba729f9fa15c299f31ce31a071796f0a60810db531cdf7876b
  • SHA512: d454b7140d3504359d290ce1b03067cfe9c60881863b226da1ae5cfccc819968c4fc03cbaeea45a4fd6c3f5c7b561edbf4c9baf358c0aa420b09d6e8aa7693f2
  • SSDEEP: 6144:DCAmhxnLENyu63vFTp6biMHW9WfVW997ghcBz7:mxnwIV31p6bH7fEbgOz

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
  • C2: 147.135.231.58:39396
  • Attributes
      • auth_value: c2955ed3813a798683a185a82e949f88

Targets


    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
