Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

80ec921ab7...JC.exe

windows7-x64

10

80ec921ab7...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    80ec921ab70600f8214f19be8afc2833fef6a29d6d9bc625e6296204dec649bc_JC.exe

  • Size

    1.4MB

  • Sample

    231001-y2axwseg82

  • MD5

    eeb8a6c6433dd3b3b1dba0f9b41b74ed

  • SHA1

    f11c21d49622c6b9f1fa1c2bbc7489d0eb1168fa

  • SHA256

    80ec921ab70600f8214f19be8afc2833fef6a29d6d9bc625e6296204dec649bc

  • SHA512

    839cafd0f1a911cb8e2add7a5ad3c62b7a9409551d98d5a5ab9845df9bc4c1f3559d58de32a138475e0354810361f825c795c43de3652ce485b4465428d08e63

  • SSDEEP

    24576:9+yzyicBpqoZTgVifptq6PQMS9J41x9b9H:9SBpqoZTgY1PdSr4vVB

Score
10/10
redline@oleh_psinfostealerspyware

Malware Config

Extracted

Family

redline

Botnet

@oleh_ps

C2

176.123.4.46:33783

Attributes
  • auth_value

    94ecdfa2eb126d66ce500353b2fa9112

Targets

    • Target

      80ec921ab70600f8214f19be8afc2833fef6a29d6d9bc625e6296204dec649bc_JC.exe

    • Size

      1.4MB

    • MD5

      eeb8a6c6433dd3b3b1dba0f9b41b74ed

    • SHA1

      f11c21d49622c6b9f1fa1c2bbc7489d0eb1168fa

    • SHA256

      80ec921ab70600f8214f19be8afc2833fef6a29d6d9bc625e6296204dec649bc

    • SHA512

      839cafd0f1a911cb8e2add7a5ad3c62b7a9409551d98d5a5ab9845df9bc4c1f3559d58de32a138475e0354810361f825c795c43de3652ce485b4465428d08e63

    • SSDEEP

      24576:9+yzyicBpqoZTgVifptq6PQMS9J41x9b9H:9SBpqoZTgY1PdSr4vVB

    Score
    10/10
    redline@oleh_psinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Uses the VBS compiler for execution

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks