General

  • Target

    037cba00bb14891c6e6f91d115b7205721eeefb3464c6.exe

  • Size

    517KB

  • Sample

    230707-wz667sbe2t

  • MD5

    7f170afae905d5b0c992931753cdf377

  • SHA1

    b13968b4ffa1c8a425553a137b36892a9386f851

  • SHA256

    037cba00bb14891c6e6f91d115b7205721eeefb3464c60dbef6a9dd374accd92

  • SHA512

    65dcb5853a95e71b7d18c1c9a9e63629e57e54ed4e49ce3b0582a72bef2e0fa5308569700ce9467802422ed4129f72706580eac710a42231bd3322924291705a

  • SSDEEP

    12288:Dwr5fvvaRdnQgFx56nfKcanmICbqvmcO/v+:Dwr1vv82gFLw64bqvaH+

Malware Config

Extracted

Family

redline

Botnet

furod

C2

77.91.68.70:19073

Attributes

  • auth_value

    d2386245fe11799b28b4521492a5879d

Targets

    • Target

      037cba00bb14891c6e6f91d115b7205721eeefb3464c6.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6