General

  • Target

    7d0baead8a10ebcf04a21f3b25c0baaa593f3ebd3eae14fbe42277dd7b157f4b

  • Size

    956KB

  • Sample

    230819-eq933ahd5z

  • MD5

    6faf4c7caaf08d52f80818c863945711

  • SHA1

    488fdeed0b6840cc4ef7b9090b0cfe801a3e1432

  • SHA256

    7d0baead8a10ebcf04a21f3b25c0baaa593f3ebd3eae14fbe42277dd7b157f4b

  • SHA512

    cdc357dc067c6946686430a37f39d8ac456b6f6a138df6fac393ca4b4f67d461bedac0d239647e6d51b450fdd7eaa35b8bc362a3545fdeae97107a0de1b77f98

  • SSDEEP

    24576:KypyzTXzf4vX95Y3asQiBjKObSpKDermPo3:RCTLD37QiBj72cSgo

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dugin

  • C2

    77.91.124.73:19071

  • Attributes

      • auth_value

        7c3e46e091100fd26a6076996d374c28

Targets

    • Target

      7d0baead8a10ebcf04a21f3b25c0baaa593f3ebd3eae14fbe42277dd7b157f4b

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application
