General

  • Target

    file

  • Size

    435KB

  • Sample

    230923-swgklagg8s

  • MD5

    28fd0f12ee6113e78cd936a68eaffe94

  • SHA1

    a4e9a3de7e1fcf92ed989b5130e323da7f6459af

  • SHA256

    6a042cec7ea5265c3503b1408d306c4beb4cc22e443b722c80f38f3d3730b793

  • SHA512

    f74ab95b059f3de8fa888933a84e3b87676997c22c4a43577d5cef79c0e61ae7efeb7f2413de870d63f5bc45a03f31d91a5d82a9f892accb83bbc550d21ae6a7

  • SSDEEP

    12288:TPLDgyMiNu3mGmGmGmutDLEU6q65QoZ5M0KBV:TPvP34mGmGmGmg6q64T

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks