General

  • Target: 486a9338c04da31e101367e9ca09bbda96b525740aea077b783d98af9571865f
  • Size: 770KB
  • Sample: 230714-17wsnahb5z
  • MD5: 9c89817c1c4cdaca0845c056977f94bc
  • SHA1: 085a246c91e89a9c00b75d3e1d54403dfc4956bb
  • SHA256: 486a9338c04da31e101367e9ca09bbda96b525740aea077b783d98af9571865f
  • SHA512: c205774bf56513171951313d559498bcca6dfeb7f3e940a24c17806ab67cf2096547ede9b6b13257c351200742c5a3b85797e38830971aaa6715854d52156272
  • SSDEEP: 12288:HMrey90cdNcO42gqGx6PhX+ZM3tnpZ44pxaPZUL75p34h9GdXF94sVriUqNYCc:5yDO2r2kp3pfT34h9SYAN

Malware Config

Extracted

  • Family: redline
  • Botnet: masha
  • C2: 77.91.68.48:19071

Attributes

  • auth_value: 55b9b39a0dae383196a4b8d79e5bb805

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks