General

  • Target

    1a9919325da63b8484a6bd765fb24e43189e13130d5740306b71aac0ea7178ce

  • Size

    649KB

  • Sample

    230910-lm3m5sga7z

  • MD5

    7897dce0ec3212cd7eecbda6398e6b13

  • SHA1

    428468b73988ef217d1651c7fa3106fcdc733f68

  • SHA256

    1a9919325da63b8484a6bd765fb24e43189e13130d5740306b71aac0ea7178ce

  • SHA512

    404eab7e914bafe2ee9a7f5e2c342888ead440e7791cca278ee2fd44fed1a7b81abffb5d68e3df8edc72e8d66640d36212e45ebf3060be86044b964bd94c109a

  • SSDEEP

    12288:OMrhy90ogYfURQidiOadxA//doAunUg8Y8oJ1ZTGme7TjPhrzMV:3yfgYf2QidiOM0/mA6LX5GVLhrzMV

Malware Config

Extracted

  • Family

    redline

  • Botnet

    virad

  • C2

    77.91.124.82:19071

  • Attributes

    auth_value: 434dd63619ca8bbf10125913fb40ca28

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15