Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

2748995dd7...43.exe

windows7-x64

10

2748995dd7...43.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    144s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17/07/2023, 02:07 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe

  • Size

    334KB

  • MD5

    dc4af13653424361c3cf615cdfff3afa

  • SHA1

    1194c7654ecd0056e3c87ed9223d62f4380d52c6

  • SHA256

    2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043

  • SHA512

    850e180167cf3c430d3c5a8ed0ab7d261f368476eb7bef565e106da47e4d3ebc00d452f49f4aa670d065da167ec589a23305becc70323148caec2e719727c684

  • SSDEEP

    6144:RLOYUsEKB7WUjcsTgaNFsvmCQu4sFjcMaT:Rix9KZWUvgVuCQYHM

Score
10/10
redlinelogsdiller cloud (telegram: @logsdillabot)infostealer

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

213.32.110.216:23067

Attributes
  • auth_value

    c2955ed3813a798683a185a82e949f88

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe
    "C:\Users\Admin\AppData\Local\Temp\2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe"
    1⤵
      PID:2268

    Network

      No results found
    • 213.32.110.216:23067
      2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe
      152 B
       3
    • 213.32.110.216:23067
      2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe
      152 B
       3
    • 213.32.110.216:23067
      2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe
      152 B
       3
    • 213.32.110.216:23067
      2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe
      152 B
       3
    • 213.32.110.216:23067
      2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe
      152 B
       3
    • 213.32.110.216:23067
      2748995dd79da265db6a23c20365943d3c3632fde874ad56c49915150bd01043.exe
      104 B
       2
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2268-54-0x0000000000A20000-0x0000000000B20000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2268-55-0x00000000003B0000-0x00000000003EF000-memory.dmp

      Filesize

      252KB

      Download

    • memory/2268-56-0x0000000000400000-0x00000000005D1000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/2268-57-0x0000000074150000-0x000000007483E000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/2268-58-0x00000000049D0000-0x0000000004A10000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2268-59-0x0000000002110000-0x0000000002148000-memory.dmp

      Filesize

      224KB

      Download

    • memory/2268-60-0x00000000049D0000-0x0000000004A10000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2268-61-0x0000000000990000-0x00000000009C4000-memory.dmp

      Filesize

      208KB

      Download

    • memory/2268-62-0x0000000002190000-0x0000000002196000-memory.dmp

      Filesize

      24KB

      Download

    • memory/2268-63-0x00000000049D0000-0x0000000004A10000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2268-64-0x0000000000A20000-0x0000000000B20000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/2268-65-0x0000000074150000-0x000000007483E000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/2268-66-0x00000000049D0000-0x0000000004A10000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2268-67-0x00000000049D0000-0x0000000004A10000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2268-69-0x00000000049D0000-0x0000000004A10000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2268-70-0x00000000049D0000-0x0000000004A10000-memory.dmp

      Filesize

      256KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.