General

  • Target

    0x000600000001afd2-169.dat

  • Size

    173KB

  • Sample

    230805-fchmbsfg33

  • MD5

    32b8281eb4b402ab5e164d932f8c8a2c

  • SHA1

    417aae61797a4f73d3513823d1c94aca7eb4f69c

  • SHA256

    d6c3c73bab780c6f91cf34ea6fd895826e11128da0a1f4eb6a5a4e734f3cbd9c

  • SHA512

    5ec4b41353d9991229b825e664aac21764063b1139172a1eb6d5efa1ba304494b9a0b61646f5a3bc87b2263036f57a240af8c6c3d4959c92315814565d41e3ec

  • SSDEEP

    3072:b5fB8CH2R16klxNtmud8q6msW+/8e8hrXO:bF5kbjV6msW+/

Malware Config

Extracted

Family

redline

Botnet

maxik

C2

77.91.124.156:19071

Attributes
  • auth_value

    a7714e1bc167c67e3fc8f9e368352269

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
