General

  • Target: dd4fa1020281d1b1667afeaa46b6235461f1cc064b264d85631e1112b39adcf1
  • Size: 649KB
  • Sample: 230910-k2ts4sga56
  • MD5: b8eb28b39416809df8545a12936ed74a
  • SHA1: 33eda0b96849aaeb590fbbbc16d24561dc51db60
  • SHA256: dd4fa1020281d1b1667afeaa46b6235461f1cc064b264d85631e1112b39adcf1
  • SHA512: 9e75928932b2ed1d0c50c920ed0490c714e445474b254238848b2642e6efa3dd2a623dfff7a4e77903ed16ee9cd889945cf2788106ca7205db778325a6e1817b
  • SSDEEP: 12288:7MrRy90WJ+dr5F1LZBjv0T45Qi8Pdo2oeOxR6+xLSbZkQcxdXWzMP:uytSr5FB0asPm2POxR6+xEkTh

Malware Config

Extracted

Family: redline
Botnet: virad
C2: 77.91.124.82:19071

Attributes
  • auth_value: 434dd63619ca8bbf10125913fb40ca28

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • Executes dropped EXE
    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks