General

  • Target: 70c38d1be3249f03e593da38ce9ae3ba1de2375a03ae8becda9036de762a685a_JC.exe
  • Size: 382KB
  • Sample: 231011-2hx5vsgh8x
  • MD5: 91e3081c35f8fbc3c5d82a127905ea3d
  • SHA1: c33f12ff653b4b2817b267a2eb42a36ed0f80027
  • SHA256: 70c38d1be3249f03e593da38ce9ae3ba1de2375a03ae8becda9036de762a685a
  • SHA512: 485242ff08e9ae43f2399368b2faccc3218200bbfe4e6e969196b4590f034e3c1baf2f00d4c3d24d4c7acbfa8f82c2363030ae4e2584a6b462bb904426cc017a
  • SSDEEP: 6144:QnAe2Way5hWybjlV1VDWiZuAOEp9hlh1Jm/dd37BkslF6Lw8y:QAl1y5hNbDlu4lh1cFd37BZ2w8y

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
  • C2: 51.38.95.107:42494

Attributes

  • auth_value: c2955ed3813a798683a185a82e949f88

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext
