
General

  • Target

    09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1

  • Size

    823KB

  • Sample

    230821-efkqesaf83

  • MD5

    518f0ed5a5fb0affd243f17820ff9daf

  • SHA1

    713884f771ed469091f0ff492d993c55ac04cac4

  • SHA256

    09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1

  • SHA512

    1ad6ab6dcf99b4aa6bed4c87e76c1bb0cd63efa848c5e1a1ce432a2f07275db137654822ba57328320b5771354e2184c8ad0b8cf37773633353ea7bae83610c0

  • SSDEEP

    12288:dMrHy90GYbFfNluw400uhhOjSjuQNv6tBKJyCZiUOK1oab2KK6gVDAFI90:KyfAQR0R0jypCBmytUZ1B2lrDAFI90

Malware Config

Extracted

  • Family

    redline

  • Botnet

    chang

  • C2

    77.91.124.73:19071

  • Attributes

    auth_value: 92b880db64e691d6bb290d1536ce7688

Targets

    • Target

      09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1


    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
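The report above gives a responder three things to hunt on: the sample hashes, the extracted C2 endpoint, and the two registry behaviours behind the "Modifies Windows Defender Real-time Protection settings" and "Adds Run key to start application" signatures. The script below turns them into a small hunt over Sysmon-style events (process creation, network connection, registry value set). It is an added example, not code from tria.ge or from the report; the events at the bottom are constructed for the demo, and the registry paths are the standard Windows locations (an assumption, since the report names the behaviour rather than the exact keys the sample wrote). The auth_value attribute is not used here because it only appears inside the C2 protocol, which the report does not show.

```python
"""Hunt logic derived from the report above: the extracted RedLine C2
endpoint, the sample hashes, and the two registry behaviours flagged by the
signatures. Added example, not part of the tria.ge report. The Sysmon-style
events at the bottom are constructed for the demo; the registry paths are
the standard Windows locations (an assumption, since the report names the
behaviour rather than the exact keys the sample wrote)."""
import json
import re
from dataclasses import dataclass

# --- IOCs copied from the report --------------------------------------------
REDLINE_C2_IP = "77.91.124.73"
REDLINE_C2_PORT = 19071
SAMPLE_HASHES = {
    "MD5": "518f0ed5a5fb0affd243f17820ff9daf",
    "SHA1": "713884f771ed469091f0ff492d993c55ac04cac4",
    "SHA256": "09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1",
}

# --- Registry locations behind the behavioural signatures (assumed paths) ---
DEFENDER_RTP_KEY = r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection"
DEFENDER_RTP_DISABLE_VALUES = {
    "DisableRealtimeMonitoring", "DisableBehaviorMonitoring",
    "DisableIOAVProtection", "DisableOnAccessProtection",
}
RUN_KEY_SUFFIXES = (r"\Microsoft\Windows\CurrentVersion\Run",
                    r"\Microsoft\Windows\CurrentVersion\RunOnce")
DWORD_RE = re.compile(r"DWORD \(0x([0-9A-Fa-f]{8})\)")


@dataclass(frozen=True)
class Finding:
    rule: str
    image: str
    detail: str


def parse_sysmon_hashes(field: str) -> dict:
    """'SHA256=AB..,MD5=CD..' -> {'SHA256': 'ab..', 'MD5': 'cd..'} (lower-cased)."""
    out = {}
    for part in field.split(","):
        algo, sep, digest = part.partition("=")
        if sep:
            out[algo.strip().upper()] = digest.strip().lower()
    return out


def dword_value(details: str):
    """Sysmon renders DWORD writes as 'DWORD (0x00000001)'; return the int or None."""
    m = DWORD_RE.search(details)
    return int(m.group(1), 16) if m else None


def check_event(ev: dict) -> list:
    """Apply the hunt rules to one Sysmon-style event (IDs 1, 3, 13)."""
    findings = []
    eid = ev.get("EventID")
    image = ev.get("Image", "")
    if eid == 1:  # process creation: any digest of the known sample
        seen = parse_sysmon_hashes(ev.get("Hashes", ""))
        for algo, digest in SAMPLE_HASHES.items():
            if seen.get(algo) == digest:
                findings.append(Finding("redline_known_sample", image, f"{algo}={digest}"))
                break
    elif eid == 3:  # network connection to the extracted C2
        if ev.get("DestinationIp") == REDLINE_C2_IP:
            port = int(ev.get("DestinationPort", 0))
            conf = "exact" if port == REDLINE_C2_PORT else "ip-only"
            findings.append(Finding("redline_c2_connection", image,
                                    f"{REDLINE_C2_IP}:{port} ({conf})"))
    elif eid == 13:  # registry value set
        key, _, value_name = ev.get("TargetObject", "").rpartition("\\")
        details = ev.get("Details", "")
        if (key == DEFENDER_RTP_KEY and value_name in DEFENDER_RTP_DISABLE_VALUES
                and dword_value(details) == 1):
            findings.append(Finding("defender_rtp_disabled", image, value_name))
        if key.endswith(RUN_KEY_SUFFIXES):  # HKLM and per-user hives alike
            findings.append(Finding("run_key_persistence", image,
                                    f"{value_name} -> {details}"))
    return findings


def hunt(events) -> list:
    findings = []
    for ev in events:
        findings.extend(check_event(ev))
    return findings


def load_events(jsonl: str) -> list:
    return [json.loads(line) for line in jsonl.splitlines() if line.strip()]


# Constructed events (not taken from the report) using Sysmon field names.
SAMPLE_EVENTS_JSONL = r"""
{"EventID": 1, "Image": "C:\\Users\\u\\Downloads\\setup.exe", "Hashes": "SHA256=09E148A390E7E504A16B68177F076A9C7F0B7B3BDDB34D319A7A534A7BA0AED1,MD5=518F0ED5A5FB0AFFD243F17820FF9DAF"}
{"EventID": 13, "Image": "C:\\Users\\u\\Downloads\\setup.exe", "TargetObject": "HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableRealtimeMonitoring", "Details": "DWORD (0x00000001)"}
{"EventID": 13, "Image": "C:\\Users\\u\\AppData\\Roaming\\svc.exe", "TargetObject": "HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svc", "Details": "C:\\Users\\u\\AppData\\Roaming\\svc.exe"}
{"EventID": 3, "Image": "C:\\Users\\u\\AppData\\Roaming\\svc.exe", "DestinationIp": "77.91.124.73", "DestinationPort": 19071}
{"EventID": 3, "Image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe", "DestinationIp": "93.184.216.34", "DestinationPort": 443}
"""

if __name__ == "__main__":
    for f in hunt(load_events(SAMPLE_EVENTS_JSONL)):
        print(f"{f.rule:24} {f.image}  {f.detail}")
```

The C2 rule reports an "ip-only" match when the destination port differs from 19071, since RedLine operators commonly move ports on the same host; treat those as lower confidence rather than discarding them. The Defender rule only fires on a write of 1 to one of the disable values, so a policy reset to 0 does not produce a false positive.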
