General

  • Target

    0x0008000000015e75-68.dat

  • Size

    173KB

  • Sample

    230704-rbjzjsdg43

  • MD5

    5b1d6ebae58d6b2b3ee38212aac196e1

  • SHA1

    f7d2c38bb909b7dd2e2b8b4b5d360a1546affa69

  • SHA256

    f3d163ce7e6ec47697c4f53b4f98899edb6a50f4f2855203f4920c51c2c954c3

  • SHA512

    dd07d85c6bad300920e57d01cbd430e088282d2c5834cb11a78e54af6f09e05797e6e8f046a9c64ce5c765e4ea7354dca0b47857c8846012eb0356ba22f1decf

  • SSDEEP

    3072:HWKe1kiJtebRavRJxNv4nFkbgWoHn8e8hI:HWcUt1RZbgWoHn

Malware Config

Extracted

  • Family

    redline

  • Botnet

    duza

  • C2

    83.97.73.129:19071

  • Attributes

      • auth_value

        787a4e3bbc78fd525526de1098cb0621

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
