Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    19e430ece606b3c7a85856d2d0597482.exe

  • Size

    855KB

  • Sample

    230818-q6pylsbf8t

  • MD5

    19e430ece606b3c7a85856d2d0597482

  • SHA1

    86cc5abe88800f485c32391bda6fec463b01296a

  • SHA256

    4257603f3ebc986c59d5dd7ca93f69d52a4c673c1eae2c2e53eb7060cb15336c

  • SHA512

    5d1e38429bf663e9dec44a81b05c0fc80379d6a48fa513ae895154e9ac2aeb214a1ada8da6ab08ac6df03cab2a4c1f86a4b811f71bdb6d69da77441d85463d07

  • SSDEEP

    12288:dMriy905dxAiRWDcc9QsaeCxm46NTtGMxC7PotBzkYHEJ1Atg7Z8Fulh:vywxA/4OpJNtk8tFkPAt2Z8U3

Malware Config

Extracted

Family

redline

Botnet

dugin

C2

77.91.124.73:19071

Attributes
  • auth_value

    7c3e46e091100fd26a6076996d374c28

Targets

    • Target

      19e430ece606b3c7a85856d2d0597482.exe

    • Size

      855KB

    • MD5

      19e430ece606b3c7a85856d2d0597482

    • SHA1

      86cc5abe88800f485c32391bda6fec463b01296a

    • SHA256

      4257603f3ebc986c59d5dd7ca93f69d52a4c673c1eae2c2e53eb7060cb15336c

    • SHA512

      5d1e38429bf663e9dec44a81b05c0fc80379d6a48fa513ae895154e9ac2aeb214a1ada8da6ab08ac6df03cab2a4c1f86a4b811f71bdb6d69da77441d85463d07

    • SSDEEP

      12288:dMriy905dxAiRWDcc9QsaeCxm46NTtGMxC7PotBzkYHEJ1Atg7Z8Fulh:vywxA/4OpJNtk8tFkPAt2Z8U3

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks