General

  • Target: 3905c987a1acfcd789a7e9ac5e66d4445abf120fc1a7b81fb77e9444182d316c
  • Size: 1.1MB
  • Sample: 230821-pppqvaee5v
  • MD5: 065753f740a0b465cefbf65f1a1716a8
  • SHA1: 8d91143b08904bd62f306154af2c26a713034ae2
  • SHA256: 3905c987a1acfcd789a7e9ac5e66d4445abf120fc1a7b81fb77e9444182d316c
  • SHA512: 0451012310ecbc7524e04463bd5dcfe71c818b2f76f3b686807140129f1f6e6f0730574c3216b33f3f19e8095af86e8d655be6fc16c94ee4b5df6b754fefdc6c
  • SSDEEP: 24576:tP31/j4b9vK4XWNlM+MAPuh15yZbQzIEMFwpz0:tPSb9vK4sEA815yZbQzIElS

Malware Config

Extracted

  • Family: redline
  • Botnet: TEST
  • C2: 46.149.77.25:8599
  • Attributes
    • auth_value: 8bc44a2d180183251d176d7b20ad1f91

Targets

    • Target: 3905c987a1acfcd789a7e9ac5e66d4445abf120fc1a7b81fb77e9444182d316c (1.1MB; hashes as listed under General)

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Uses the VBS compiler for execution

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks