General

  • Target: file
  • Size: 2.3MB
  • Sample: 230816-ml4dqaca9y
  • MD5: 89d0f2333461140be663bdd62933f176
  • SHA1: 9edf3e914b13744ba9e6e75a096ac5c92c84970a
  • SHA256: 0488a72cc86b59cda7359ddbd9820ddd3863adb4de3be431d99f73b9debf2167
  • SHA512: 99f3b0480cc0255561183a46d1d7c12d2f9ae3789b5407ae4f5a40987f2ce9ab453ed5ff91b5eedc01d3bef0b24b88f20f0f61cd46b3c334e8ced6e820b30d22
  • SSDEEP: 12288:pBVEc+MVqpMvp36SNjoo6WjK3W/Ii2DP6W4h4Lb1u/DjrxG/hWkcdZMLtz/U7ksK:yc+MIpMvpKpogDP6WccboM/FcdZMxkr

Malware Config

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks