General

  • Target

    6391d8baef64a0551a5fde9c6a04b804f8fc88178af953cd194e40810de12bb2

  • Size

    785KB

  • Sample

    230921-gt28qsfg48

  • MD5

    25dd2010403833bdf9a0ce82ebaef893

  • SHA1

    b7735b5cf88af8fed9811bdd4d3dc628faecf263

  • SHA256

    6391d8baef64a0551a5fde9c6a04b804f8fc88178af953cd194e40810de12bb2

  • SHA512

    fd4cc9ba6104ff0bf465eec20e76ca7c28bd0aaeacf7db97d3e02d855b641e2e592189f503daa8f937273b75f16cc6cf06c93fd626525e5799be0e2eeb9c73f6

  • SSDEEP

    24576:2ygAYfZxMCZUx9L/OY/i8QVkwOf5uT8c:FgA2ZxMPjR/i84SE8

Malware Config

Extracted

  • Family

    redline

  • Botnet

    buben

  • C2

    77.91.124.82:19071

  • Attributes

      • auth_value

        c62fa04aa45f5b78f62d2c21fcbefdec

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application
