General

  • Target

    4LH589FE.exe

  • Size

    459KB

  • Sample

    231010-frxpssbb3v

  • MD5

    5b250fb771820b54b7998b68630c0bd9

  • SHA1

    f401b42cb0a2530ec2e7c8f736aa633fe9eadae0

  • SHA256

    9993005debbecfdec12b17824563772d25094cd5893ae9c8378a770450d8e4e4

  • SHA512

    77f15b5f97e572b724ea74d6a46fbb57ac04420fd4e09700f3ffddc14cb70a3fb2f3b2cbb7da602ba88778c24dc7044332eec8bb74a9aa8975ec96b86c409122

  • SSDEEP

    6144:+fuhebDPM4jjdpvIN8fp7z5BAOCIb5u5ErTmrKfPZ+WHrwchzpY6f8iKX0X:+fuODPjjb/4U5kErjfnH91pYE8iKkX

Malware Config

Extracted

Family

redline

Botnet

magia

C2

77.91.124.55:19071

Targets

    • Target

      4LH589FE.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext
