General

  • Target

    427fc9aabd9fb141a41b1bdf410eb785cea07db78ee47e3601b202aac8d9ca1e

  • Size

    649KB

  • Sample

    230910-qztm8ahe3s

  • MD5

    45146bfa450d4a14e9b6b2aa534b48ce

  • SHA1

    e5cd16b893cc0cd648033f5564b80e40f4f03e28

  • SHA256

    427fc9aabd9fb141a41b1bdf410eb785cea07db78ee47e3601b202aac8d9ca1e

  • SHA512

    df379dd0f2af416476672c8f7a140088716da2009ea8df12b7a2bcae16e1a0c403be86bb878b45f1780a74708f7cba7a139e0529c994f3f80ecdf78c3e191daa

  • SSDEEP

    12288:dMrby90Y32kRWwBUdogTP0vRU5STprqNblgWxmmyOCr:ayx24BUmgjcagrqNbyWcvT

Malware Config

Extracted

Family

redline

Botnet

virad

C2

77.91.124.82:19071

Attributes

  • auth_value

    434dd63619ca8bbf10125913fb40ca28

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks