General

  • Target: 23fbee8f0fc05dc38f50f341c80cd5f5f40e9d546b8f7a3e3ddf3608322f78b9_JC.exe
  • Size: 2.5MB
  • Sample: 230805-lzn1hsbc49
  • MD5: 73f6aab3ac44197983d1744638262aa6
  • SHA1: e393c0efad3facaccf78cd3dfea8c850d1fcabc5
  • SHA256: 23fbee8f0fc05dc38f50f341c80cd5f5f40e9d546b8f7a3e3ddf3608322f78b9
  • SHA512: 5254105cb31a545d0d99d82cbf6cd6a70198cf6a7b269cc408cf56a8989a7cafa1c8993930f90d1dbc24df5e8ca94ded8551dc12024710a1c03860ccaaa88903
  • SSDEEP: 24576:zvfDdstXT4e+MXrgWlDg8MnmBJyQVvDEH:z2XT4e+OdrLBBxEH

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Suspicious use of SetThreadContext
