General

  • Target

    5461b2ea5f397c9dffba0bf58e4b4a77.bin

  • Size

    1.3MB

  • Sample

    230712-bqjpbsbd95

  • MD5

    3fc9f2b6b2dfe4f6202506e738c61a56

  • SHA1

    05bac3eb7f26d531e87ca0e6469a3db7f9b4d70c

  • SHA256

    7fd190439f0ae37e1f774f163eaa9d28a826b8834f3978882222a63d9d220f23

  • SHA512

    e87e1d5ee6bbaac089585badcf23781514631cb7dc664d098b94f1a6cc0be228a24f1054a3f1fd3692fb23104f5450a6df60faf530d2a666675bf5d67ba23623

  • SSDEEP

    24576:c1ZpIcu3sQmslL1suMk67atQqM8SHIYWVlSweOxMnmPns989KB0mB3b6q:WrIc+V1jMkttQ9WzSweOamPnCI40O1

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes
  • auth_value

    1677a40fd8997eb89377e1681911e9c6

Targets

    • Target

      26bc3d8b0c6cd099d29f18e481d101c5be5b49db9655a0eb2cc339f9721b77ae.exe

    • Size

      1.3MB

    • MD5

      5461b2ea5f397c9dffba0bf58e4b4a77

    • SHA1

      4aa5824c71de814f76a2c18f0ebccc0d47d1269f

    • SHA256

      26bc3d8b0c6cd099d29f18e481d101c5be5b49db9655a0eb2cc339f9721b77ae

    • SHA512

      d7d79de2545ef38d463b3c3d75f1bf7267727f5fcf35fa183cf2fe2b529b58a96ca5e436f08fb3684c3651b6fd690215578eece22f693d323b69f6811dc45c36

    • SSDEEP

      24576:bE47kOUEfJvETlpqftmHioiS+yvk3RZAdBbVTb34k30/8dRi9:bEq5PfJvExMftmHzO0khZApykji9

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
