General

  • Target

    NỘI DUNG THUÊ NHÓM ĐĂNG BÀI.bat

  • Size

    883KB

  • Sample

    230705-g6mntaag72

  • MD5

    a2af610174e71e428e3901160728cfde

  • SHA1

    9637079bab94a01e51b0b674418ce9ef37ec94d9

  • SHA256

    658291af7d8abb18d30b66c9d283132621f3f403b21a4211ea95ea1358280b02

  • SHA512

    69f35d509790717547be19c903a8c4a3ddfaa464d5447ca20e7868b48e0d4223adaa068b8039bbf948344588a6505e9ffad22de14af4045735d1be78ee98688f

  • SSDEEP

    24576:5nQ0lF65PDm3oUV83iQ2/x/G06VyN6WSzCjSQY/iuP:5Q0j65PY/YeNJjHY/t

Score
10/10

Targets

    • Target

      NỘI DUNG THUÊ NHÓM ĐĂNG BÀI.bat

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
