
General

  • Target: a6611cf5bb80de16b1205ff16d98046ae510ff28ad823d1bc83496417ca477fd
  • Size: 649KB
  • Sample: 230910-k1deqsga52
  • MD5: 8a0c6cc0ff7c390b6c1199feaf30c471
  • SHA1: 208f9b7901e467a5f92a494ef55033a1a1d15f6b
  • SHA256: a6611cf5bb80de16b1205ff16d98046ae510ff28ad823d1bc83496417ca477fd
  • SHA512: 72735e641d6aaa35518bf2df3340a683e24cc376a2a4956a6f53074f47bee450275a791a0ec27f734f73d8ad351a106b19293a0f31f38001ccd678bb89b2f0e0
  • SSDEEP: 12288:iMr3y90QC4EjPHkQkNdoM+OhDxJUejUxMdAQju7PIjyUWiJZ7PPVi:9yszemMZhDvUKA5Yy7aZTPVi

Malware Config

Extracted

  • Family: redline
  • Botnet: virad
  • C2: 77.91.124.82:19071
  • Attributes
    • auth_value: 434dd63619ca8bbf10125913fb40ca28

Targets

  • Target: a6611cf5bb80de16b1205ff16d98046ae510ff28ad823d1bc83496417ca477fd (649KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
  • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  • Executes dropped EXE
  • Adds Run key to start application
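
As an added example, not code from the tria.ge report or from any RedLine tooling, the Python below turns the extracted config (C2 77.91.124.82:19071, botnet virad) and the "Adds Run key" signature into a check over a few log lines. The log format, host name, value name and file path in the sample lines are constructed for illustration; the report does not say which Run-key value this sample writes, so the registry check matches any value set under the standard Run/RunOnce keys rather than a sample-specific name. A connection to the C2 address on a different port is reported separately as a weaker, host-only match.

```python
import re
from dataclasses import dataclass

# IOCs taken from the extracted config on this report.
C2_HOST = "77.91.124.82"
C2_PORT = 19071
BOTNET = "virad"

# Standard autostart keys. The report does not give the value name this
# sample writes, so any value set under these keys is flagged (assumption:
# generic Run-key persistence, not a sample-specific indicator).
RUN_KEY_RE = re.compile(
    r"^(hkcu|hklm|hkey_current_user|hkey_local_machine)\\software\\"
    r"(wow6432node\\)?microsoft\\windows\\currentversion\\run(once)?$",
    re.IGNORECASE,
)

# Constructed, simplified log formats (not from the report):
#   net: "<ts> host=<name> proto=tcp src=<ip>:<port> dst=<ip>:<port>"
#   reg: "<ts> host=<name> reg_set key=<key> value=<name> data=<data>"
NET_RE = re.compile(r"proto=tcp\s+src=(\S+):(\d+)\s+dst=(\S+):(\d+)")
REG_RE = re.compile(r"reg_set\s+key=(\S+)\s+value=(\S+)\s+data=(.+)$")


@dataclass(frozen=True)
class Hit:
    line_no: int
    kind: str     # "c2" (host and port), "c2-host" (address only), "runkey"
    detail: str


def scan(lines):
    """Return one Hit per log line that matches a C2 or Run-key indicator."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = NET_RE.search(line)
        if m:
            dst_ip, dst_port = m.group(3), int(m.group(4))
            if dst_ip == C2_HOST:
                kind = "c2" if dst_port == C2_PORT else "c2-host"
                hits.append(Hit(n, kind, f"{dst_ip}:{dst_port}"))
            continue
        m = REG_RE.search(line)
        if m:
            key, value, data = m.groups()
            if RUN_KEY_RE.match(key):
                hits.append(Hit(n, "runkey", f"{key}\\{value} -> {data}"))
    return hits


# Constructed sample log lines (hostname, ports, value name and path invented).
SAMPLE_LOG = [
    "2023-09-10T10:12:01Z host=WS01 proto=tcp src=10.0.0.15:49812 dst=77.91.124.82:19071",
    "2023-09-10T10:12:03Z host=WS01 proto=tcp src=10.0.0.15:49813 dst=77.91.124.82:443",
    "2023-09-10T10:12:05Z host=WS01 reg_set key=HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"
    " value=Updater data=C:\\Users\\u\\AppData\\Roaming\\updater.exe",
    "2023-09-10T10:12:06Z host=WS01 reg_set key=HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer"
    " value=ShellState data=00",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"line {hit.line_no}: {hit.kind} {hit.detail}")
```

The exact host:port pair is the indicator the report supports; a match on the address alone is kept as a separate kind so it can be triaged at lower confidence, since an address can be reused for unrelated services.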

MITRE ATT&CK Enterprise v15

Tasks