
General

  • Target

    2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e_JC.exe

  • Size

    838KB

  • Sample

    230820-sfa3wahf2z

  • MD5

    c5b4cabc96e956778315c37cb403f379

  • SHA1

    4f0a947f3cdce9146e2a26a799f537380c7dc553

  • SHA256

    2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e

  • SHA512

    4f1756a285ef197de036c735d870407558132750775b80d8432bba6cae81ea78d08fce5fc9eaac6999a293de7ec71aa5800d6cdc2489493ad9981a6d11f68999

  • SSDEEP

    12288:yMrXy90rGGUAoW0NZrJkXHFT6Kne/vbpi7V++Goq80YYdTYi0eFTu7v/:Fy6GGWNZ+XHlK/vN/Ydi0eav/

Malware Config

Extracted

Family

redline

Botnet

dugin

C2

77.91.124.73:19071

Attributes
  • auth_value

    7c3e46e091100fd26a6076996d374c28

Targets

    • Target

      2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e_JC.exe


    • RedLine

      RedLine Stealer is an information-stealing malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
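
The three behaviour signatures above (a dropped EXE executed, a dropped DLL loaded, a Run key added) plus the extracted C2 are the observables a detection would key on. The following is an added example, not part of the tria.ge report and not RedLine's own code: it walks constructed Sysmon-style log lines through a small correlator that ties each signature to the file the sample wrote earlier in the trace, flags Run values pointing into user-writable paths, and matches the C2 address from the config. The dropped file names, the Run value name "Updater", the user name "victim" and the log line format are assumptions made for the example; only the C2 host:port and the sample name come from the report.

```python
"""Correlate dropper behaviours from Sysmon-style events.

Log format (constructed for this example, not tria.ge output):
    <kind> key=value key="quoted value" ...
kinds: write (file created), exec (process created), load (image loaded),
       regset (registry value set), net (outbound connection).
"""
import re
from dataclasses import dataclass

# From the report's extracted config and General section.
C2_HOST, C2_PORT = "77.91.124.73", 19071
SAMPLE_NAME = "2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e_JC.exe"

# Assumption: user-writable drop locations worth flagging in a Run value.
USER_WRITABLE = re.compile(r"^c:\\users\\[^\\]+\\appdata\\", re.I)
RUN_KEY = re.compile(r"\\currentversion\\run(once)?\\", re.I)


@dataclass
class Event:
    kind: str
    fields: dict


def parse_line(line: str) -> Event:
    """Split 'kind k=v k="v with spaces"' into an Event; quotes are stripped."""
    kind, _, rest = line.strip().partition(" ")
    pairs = re.findall(r'(\w+)=("[^"]*"|\S+)', rest)
    return Event(kind, {k: v.strip('"') for k, v in pairs})


def analyse(lines):
    """Return (signature, detail) tuples in log order.

    'dropped' remembers every file the trace wrote, so exec/load/Run-key
    events are only flagged when they reference a file dropped earlier,
    which is what distinguishes a dropper from ordinary activity.
    """
    dropped = set()
    alerts = []
    for ev in map(parse_line, lines):
        f = ev.fields
        if ev.kind == "write":
            dropped.add(f["path"].lower())
        elif ev.kind == "exec" and f["image"].lower() in dropped:
            alerts.append(("executes_dropped_exe", f["image"]))
        elif ev.kind == "load" and f["module"].lower() in dropped:
            alerts.append(("loads_dropped_dll", f["module"]))
        elif ev.kind == "regset" and RUN_KEY.search(f["key"]):
            # Persistence: a Run value is only interesting when it points at
            # something the sample dropped or at a user-writable location.
            target = f["data"].strip('"').lower()
            if target in dropped or USER_WRITABLE.match(target):
                alerts.append(("run_key_persistence", f["key"] + " = " + f["data"]))
        elif ev.kind == "net" and f["dst"] == C2_HOST and int(f["dport"]) == C2_PORT:
            alerts.append(("redline_c2", f"{f['dst']}:{f['dport']}"))
    return alerts


# Constructed trace mirroring the report's signatures (not real sandbox output).
TMP = "C:\\Users\\victim\\AppData\\Local\\Temp\\"
SAMPLE_LOG = [
    f'exec image="C:\\Users\\victim\\Downloads\\{SAMPLE_NAME}"',
    f'write path="{TMP}dropped.exe"',
    f'write path="{TMP}dropped.dll"',
    f'exec image="{TMP}dropped.exe"',
    f'load module="{TMP}dropped.dll"',
    f'regset key="HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater" data="{TMP}dropped.exe"',
    f"net dst={C2_HOST} dport={C2_PORT}",
    "net dst=13.107.4.52 dport=443",
]


if __name__ == "__main__":
    for sig, detail in analyse(SAMPLE_LOG):
        print(f"{sig:24} {detail}")
```

The first exec line (the sample itself, launched from Downloads) is deliberately not flagged: nothing in the trace wrote it, so the correlator treats it as the initial execution rather than a dropped payload. The benign connection on the last line is also ignored because only an exact host:port match against the extracted C2 counts.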

MITRE ATT&CK Enterprise v15

  • Persistence: Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (T1547.001), from the "Adds Run key to start application" signature above.

Tasks