General

  • Target

    9d0d5eb52397f632e5444fe9df1201b36607fe516f37c4c6cba2d77b04dd70a3

  • Size

    1.1MB

  • Sample

    231006-cbvcysge8t

  • MD5

    72a55d56801200ba83de054f0376890f

  • SHA1

    193be6ede2fa6cac96c468b9ac794556d2348b75

  • SHA256

    9d0d5eb52397f632e5444fe9df1201b36607fe516f37c4c6cba2d77b04dd70a3

  • SHA512

    6cf8e49b5783fba09b6aedfa39511897b0b0a09676aa2097f887b6745ac72f2fe04aaac6e175bd137cbd510631abf2eb05f97df7287d2de26bfd50dc04cac3cd

  • SSDEEP

    24576:9ywp6NYMdsvT0NID3P1zqg+IGyTfSA98Semzs9jFsKlgsHh6Sef:YwRwNStT+InbSVSe+sVFPb

Malware Config

Extracted

Family

redline

Botnet

gigant

C2

77.91.124.55:19071

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks