General

  • Target

    68b41fcbd8d3e14eb53ed345c7ae363b8e514fe6876ca55b94162a295e1f18bf

  • Size

    650KB

  • Sample

    230910-kr54dsfh4w

  • MD5

    b403418cf7022ca454ec8f16f06cd401

  • SHA1

    0f95c4a740b57b12e52d652c589731c551cf6b76

  • SHA256

    68b41fcbd8d3e14eb53ed345c7ae363b8e514fe6876ca55b94162a295e1f18bf

  • SHA512

    66f8fbbf184ce53a4415729cdbb6e79ae5bb3ac454dd56683cb38eeaff5cb2230572b284ed7b9bfef588499fc3bcb5424135a7c6607c3b06f1b0ea12941dddcf

  • SSDEEP

    12288:AMrWy90mGKsJBTyL2iUNPdpbVtTBn9dsOlbgSda0cF1Oak:myojtbi4VVB9dRlbgKXm1Oak

Malware Config

Extracted

Family

redline

Botnet

virad

C2

77.91.124.82:19071

Attributes
  • auth_value

    434dd63619ca8bbf10125913fb40ca28

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application
