General

  • Target

    647feb7cc1e57303bad08c158.exe

  • Size

    517KB

  • Sample

    230708-k9jm4see5w

  • MD5

    a839b1433c6cf133a9146a84dcf15a88

  • SHA1

    278fdc62902264e6f5a759a1779c1282c68436d5

  • SHA256

    647feb7cc1e57303bad08c1584526218fa1564b1c56d6edfe999486bddcc90ac

  • SHA512

    621961ef07994499787d4c933cbbb0cd9e3b96372923a963a8a3202c720d5eec16d2d0e828227d37c29bec292b3281c0bf60cd256901709ac9e9ec79d87091ca

  • SSDEEP

    12288:xf7afvbaRdnQgU+ps4QKrnPQE7mMSNYrHB4VUzSh:xf7wvb82gRu4Q6QEGYVYaSh

Malware Config

Extracted

Family

redline

Botnet

furod

C2

77.91.68.70:19073

Attributes
  • auth_value

    d2386245fe11799b28b4521492a5879d
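The extracted configuration above gives two kinds of indicator a responder can act on: the RedLine C2 socket and the sample's file hashes. The script below is an added example (not part of the tria.ge report or of any tria.ge tooling) showing how to sweep network telemetry for beacons to that C2 and check files against the listed hashes. The IOC values are copied from this report; the log lines, the log line format and the byte string fed to the hash check are constructed for illustration.

```python
"""Hunt for the RedLine indicators extracted in this report.

Added example; not part of the tria.ge report. IOC values are copied from
the report, everything else (log format, log lines, sample bytes) is constructed.
"""
import hashlib
import re

# Indicators copied from the report's Malware Config and General sections.
REDLINE_IOCS = {
    "c2": {"ip": "77.91.68.70", "port": 19073},
    "md5": "a839b1433c6cf133a9146a84dcf15a88",
    "sha1": "278fdc62902264e6f5a759a1779c1282c68436d5",
    "sha256": "647feb7cc1e57303bad08c1584526218fa1564b1c56d6edfe999486bddcc90ac",
}

# Constructed firewall/EDR-style network log (not real data). The third line
# goes to the C2 host on a different port and should not be flagged.
SAMPLE_NETLOG = """\
2023-07-08T09:15:01Z proto=tcp src=10.0.0.17:49731 dst=142.250.74.78:443 action=allow
2023-07-08T09:15:03Z proto=tcp src=10.0.0.17:49732 dst=77.91.68.70:19073 action=allow
2023-07-08T09:15:09Z proto=tcp src=10.0.0.22:49811 dst=77.91.68.70:443 action=allow
"""

# Assumed key=value layout of the constructed log above.
NETLOG_RE = re.compile(r"src=(?P<src>\S+)\s+dst=(?P<dst_ip>[\d.]+):(?P<dst_port>\d+)")


def find_c2_connections(log_text, ioc=REDLINE_IOCS["c2"]):
    """Return (src, line) for every line whose destination is the C2 ip:port.

    Matching on port as well as IP avoids flagging unrelated traffic to a
    shared host; drop the port test if the operator is known to rotate it.
    """
    hits = []
    for line in log_text.splitlines():
        m = NETLOG_RE.search(line)
        if not m:
            continue
        if m.group("dst_ip") == ioc["ip"] and int(m.group("dst_port")) == ioc["port"]:
            hits.append((m.group("src"), line))
    return hits


def hash_matches(data, iocs=REDLINE_IOCS):
    """Hash a file's bytes with MD5, SHA1 and SHA256 and return the names that match the IOCs."""
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return sorted(name for name, digest in digests.items() if digest == iocs[name])


def main():
    for src, line in find_c2_connections(SAMPLE_NETLOG):
        print(f"possible RedLine beacon from {src}: {line}")
    # Constructed benign bytes; in practice read the suspect file from disk.
    print("hash matches:", hash_matches(b"MZ this is not the sample"))


if __name__ == "__main__":
    main()
```

Matching all three hashes is deliberate: a single MD5 or SHA1 match is enough to raise an alert, but the SHA256 is the value to pivot on when querying other sandboxes or threat-intel sources, since the weaker digests are not collision-resistant.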

Targets

    • Target

      647feb7cc1e57303bad08c158.exe

    • Size

      517KB

    • MD5

      a839b1433c6cf133a9146a84dcf15a88

    • SHA1

      278fdc62902264e6f5a759a1779c1282c68436d5

    • SHA256

      647feb7cc1e57303bad08c1584526218fa1564b1c56d6edfe999486bddcc90ac

    • SHA512

      621961ef07994499787d4c933cbbb0cd9e3b96372923a963a8a3202c720d5eec16d2d0e828227d37c29bec292b3281c0bf60cd256901709ac9e9ec79d87091ca

    • SSDEEP

      12288:xf7afvbaRdnQgU+ps4QKrnPQE7mMSNYrHB4VUzSh:xf7wvb82gRu4Q6QEGYVYaSh

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks