General

  • Target

    edb960ffa763b80612e244f7c395e2f30040c46963a6e06369f046d207ce655a

  • Size

    784KB

  • Sample

    230921-hrjt2sga92

  • MD5

    714805bd8109996472f4189ca7b9ff4a

  • SHA1

    83e108972ca2d957247d4e7c3fd169711bc4a023

  • SHA256

    edb960ffa763b80612e244f7c395e2f30040c46963a6e06369f046d207ce655a

  • SHA512

    a3367510710e3003fd57e644271e7afda87f4d0f7edc2da15d265a9241f5af3b21e438cd35ebdcf50367b299443edf9d3962efc167cfcb47f191b47032196a20

  • SSDEEP

    12288:bMr4y903OYeX3R4nkd9E7iesLEsTbgmCToCS94BxhPKJr7V3h/bxW/sBtj73aD49:7ytY4K7XsGm2oCkG/MZh/4MN3aDQkX6

Malware Config

Extracted

Family

redline

Botnet

buben

C2

77.91.124.82:19071

Attributes

  • auth_value

    c62fa04aa45f5b78f62d2c21fcbefdec

Targets

    • Target

      edb960ffa763b80612e244f7c395e2f30040c46963a6e06369f046d207ce655a

    • Size

      784KB

    • MD5

      714805bd8109996472f4189ca7b9ff4a

    • SHA1

      83e108972ca2d957247d4e7c3fd169711bc4a023

    • SHA256

      edb960ffa763b80612e244f7c395e2f30040c46963a6e06369f046d207ce655a

    • SHA512

      a3367510710e3003fd57e644271e7afda87f4d0f7edc2da15d265a9241f5af3b21e438cd35ebdcf50367b299443edf9d3962efc167cfcb47f191b47032196a20

    • SSDEEP

      12288:bMr4y903OYeX3R4nkd9E7iesLEsTbgmCToCS94BxhPKJr7V3h/bxW/sBtj73aD49:7ytY4K7XsGm2oCkG/MZh/4MN3aDQkX6

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks