General

  • Target: 509e986c7d9c67628f6f957a279f1414fd441b3b6fbb21c46bf00d74f987c220
  • Size: 650KB
  • Sample: 230910-ld45lsga4z
  • MD5: 530ed1d215c325393c59538ddfb5377c
  • SHA1: 368e4c5d1a7c030fe7a2fd0ae5e4f0d8ba2fcec7
  • SHA256: 509e986c7d9c67628f6f957a279f1414fd441b3b6fbb21c46bf00d74f987c220
  • SHA512: 2e798929c1e0a329a9669b2b075b5c1c8c334dfbbc221c788291bc3df93e6ce3673c8e8b689a3bb58e797c40879b61f5934837959e2f820fbf476c3dbee42133
  • SSDEEP: 12288:dMrqy90H0muqgws6qvy/qVoVNHnGEZ2Hmqma4njqzs+x:vyvwT/qVoiEGmqf1zHx

Malware Config

Extracted

  • Family: redline
  • Botnet: virad
  • C2: 77.91.124.82:19071
  • Attributes
    • auth_value: 434dd63619ca8bbf10125913fb40ca28

Targets

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • Executes dropped EXE
  • Adds Run key to start application
