General

  • Target

    j1850751.exe

  • Size

    393KB

  • Sample

    230918-bzcblsdg9v

  • MD5

    515d22083483fb4fb2f5ca6455754723

  • SHA1

    0c44ef2831de6999248610ed5a8869c5ff2b3db7

  • SHA256

    fb787607b521c23bd9f7c9235f383b5a58f0c14b86e9f754c8c06ee0c7c4dacd

  • SHA512

    29fac4649976c0481323577cbadf48eee06655d5bbf87da202ae0c4886d44d2528bd03531fa3e005402e840ee0d54484031a2a8a8f158532af076b0b4489f08a

  • SSDEEP

    6144:facaGEZt20ZSwbz8+Dxe8kVAOYlQsNAH0ZnzInOrj6TZR9YKulbHSY1h8Ey:faFzZtT78Ti2QpP1h8Ey

Malware Config

Extracted

Family

redline

Botnet

monik

C2

77.91.124.82:19071

Attributes

  • auth_value

    da7d9ea0878f5901f1f8319d34bdccea

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
