General

  • Target

    95dbd6a9c065bc50de08888eb.exe

  • Size

    512KB

  • Sample

    230708-wx25gaab3x

  • MD5

    95dbd6a9c065bc50de08888eb366fad5

  • SHA1

    9d30766ec69abde7ea13aade6d07495f16bfd6b1

  • SHA256

    86ab42464328e3c2be9058bdaedd58d64689a269d47b3d7a105f5095e9d18c8f

  • SHA512

    4a57981d073e40394bbda108c7227cb4cdc6c52881f7309fe64ecf2e8a4bdc2f52834441af7f63096ed2d419d3b5d0d6cdf8c8b198e993fdc590da09b5728939

  • SSDEEP

    12288:+wcwfvwaRdnQgzGv1BBLH9rJXitnJey7BFm5Xz9vl:+wc6vw82gzGdjvXiN/N+z

Malware Config

Extracted

Family

redline

Botnet

furod

C2

77.91.68.70:19073

Attributes

  • auth_value

    d2386245fe11799b28b4521492a5879d

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks