General

  • Target: file
  • Size: 1.1MB
  • Sample: 230816-qyq6psda31
  • MD5: db31ac26d8102b251188f4616a2416ac
  • SHA1: f4f4fade8d50183cfe177a4a55c56f0a34621171
  • SHA256: 43e4d06b7f480ab5b9491ae2f414a6d4cc6440a3156a3625f6949a67adff7c55
  • SHA512: 17bd7b870edeec081664f58af3da93d2b89975c24d30a66a27c82e3eeb7b46aa766875b72448516d61018a6efb502692266d11db4b16b65fb3d969582edd69f4
  • SSDEEP: 12288:Jb489PUjYfKB/3XhYEdZNlKA7SNV+Jxg1h0gnuY5CP5mkdSvy4t3n5r:JbBMYfKB/3XhYwrQr+J+fkWht35r

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (Buy: @logsdillabot)
  • C2: 51.83.170.21:19447
  • Attributes
    • auth_value: 18f282243ca918bb8571dc26addba30e

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks