General

  • Target: 2Pw882oL.exe
  • Size: 221KB
  • Sample: 231010-bd1gbahf3w
  • MD5: c59af5cc824adad192d7f92915dcacc9
  • SHA1: 11f7d57f605a82eb64dccd829abf4135ab888ec2
  • SHA256: a21b5614e361a04d764ec95d715070bb3e7972dffb889fa80128de021557dff4
  • SHA512: 7221397eb63fc1f3b0468dab26a050b1f841280782ac78a1db4cd6e9ef79346a1c756c58533509716c3ed2de4d882e8fa1633c086e87abc6a16145db6fdc79ec
  • SSDEEP: 3072:yFyOHrnNNgchKkRm8pyUDv8ZTYllt/q0ePfm/lpvSLaeG:yFyOLNNgch5k80UDGYp/mPfmdJSLa

Malware Config

Extracted

  • Family: redline
  • Botnet: lutyr
  • C2: 77.91.124.55:19071

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
