General

  • Target

    19eba0d44e1fa574d3772d7e3ea3a5fffd4544f8dc9012af87531b6a2302eb00

  • Size

    854KB

  • Sample

    230817-gtdv5she6s

  • MD5

    82744a748e483776edd4787336182bca

  • SHA1

    f1ca054af178d7426ec399e040a384c83b2e713a

  • SHA256

    19eba0d44e1fa574d3772d7e3ea3a5fffd4544f8dc9012af87531b6a2302eb00

  • SHA512

    88fc3a824cc74f3bfda2122c9133bda3923a6fb465eb76ba685a47907615dfee37dabf6904cd371c5b981421a7570da7cc7d5f86d0c9312df1b6a8bfb58a889f

  • SSDEEP

    12288:9MrQy90KYQU3dgUAVE7moJ1IMwekToiDnnxG/k9Su/Nqd+kyDmkt7iq:ZyR1U3O5uNLIMw2iDxMc/Ahs9

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dava

  • C2

    77.91.124.54:19071

  • Attributes

    • auth_value

      3ce5222c1baaa06681dfe0012ce1de23

Targets

    • Target

      19eba0d44e1fa574d3772d7e3ea3a5fffd4544f8dc9012af87531b6a2302eb00

    • Size

      854KB

    • MD5

      82744a748e483776edd4787336182bca

    • SHA1

      f1ca054af178d7426ec399e040a384c83b2e713a

    • SHA256

      19eba0d44e1fa574d3772d7e3ea3a5fffd4544f8dc9012af87531b6a2302eb00

    • SHA512

      88fc3a824cc74f3bfda2122c9133bda3923a6fb465eb76ba685a47907615dfee37dabf6904cd371c5b981421a7570da7cc7d5f86d0c9312df1b6a8bfb58a889f

    • SSDEEP

      12288:9MrQy90KYQU3dgUAVE7moJ1IMwekToiDnnxG/k9Su/Nqd+kyDmkt7iq:ZyR1U3O5uNLIMw2iDxMc/Ahs9

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks