General

  • Target

    6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51_JC.exe

  • Size

    837KB

  • Sample

    230822-vsctcafd7x

  • MD5

    598b5127dccfd15a80b3a89f2b8bfa76

  • SHA1

    15da3f9e0df172ccf84e231b5a317ddce888b77a

  • SHA256

    6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51

  • SHA512

    608cb4797123cc2c8de9f5b2c87d16e763acfb2584b2320f1e5c7cd62b0f79505208dd007d4a240cf2176d1a9e798aa9b49d4d82a91124ec0a544f1e761d0065

  • SSDEEP

    24576:Ay9NU6tZtjmY4ZUp/RVU16/nF+joSKzWN:H9NUytjmY4ip/fCWc0x

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dugin

  • C2

    77.91.124.73:19071

  • Attributes

    auth_value: 7c3e46e091100fd26a6076996d374c28

Targets

    • Target

      6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51_JC.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks