General

  • Target: 458aeb444a66350118741f27c1f40bf4
  • Size: 650KB
  • Sample: 230910-qw5w3shd66
  • MD5: 458aeb444a66350118741f27c1f40bf4
  • SHA1: ca48d6c3dd2a2887dcd203c6207a024396cc5039
  • SHA256: 752823538da4481a5c018b006e45632bac790df88df756c6a54291981d953983
  • SHA512: 18fa28bc0a5f4d65c86f5db4bf81e799c1f076008504bf0d113af4bca81e03943939ce58c2d61ed3e3f739cf8a69b134699aec4ad083ff8c1003760708fa718a
  • SSDEEP: 12288:hMrDy90Y5z/zy4NBqp6s3tvim9f5b2pzNr+cG/AsitfYco:6yZpLyOBA6kvim9R2phL1fu

Malware Config

Extracted

  • Family: redline
  • Botnet: virad
  • C2: 77.91.124.82:19071
  • Attributes
    • auth_value: 434dd63619ca8bbf10125913fb40ca28

Targets

    • Target: 458aeb444a66350118741f27c1f40bf4
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
