Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    file.exe

  • Size

    396KB

  • Sample

    231011-wcrg8scf6v

  • MD5

    fa15aa45d6e71de5927a75d60bd70f7b

  • SHA1

    e8bafb47eb22cc18d7695625da0937ac3c2d9036

  • SHA256

    706224d01959812281290adc2f43521e5d38d0c3a556b381b8cbac2c2aa90e82

  • SHA512

    412cddc921e1d0402409c82786404df81078bea2af48157500d3b2946b51acfb79a8b29136f9ba64d4e3c0b69d9f7c964e57cbbf849c79c7f288f4603f369e4c

  • SSDEEP

    6144:BLErViSWAs3WHexAVklAOaF2VaAg6U6J7k8edK/EGoPGCc:BL0iSWLT0+K6U60dK/EXGCc

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (Telegram: @logsdillabot)

C2

146.59.10.173:45035

Attributes
  • auth_value

    c2955ed3813a798683a185a82e949f88

Targets

    • Target

      file.exe

    • Size

      396KB

    • MD5

      fa15aa45d6e71de5927a75d60bd70f7b

    • SHA1

      e8bafb47eb22cc18d7695625da0937ac3c2d9036

    • SHA256

      706224d01959812281290adc2f43521e5d38d0c3a556b381b8cbac2c2aa90e82

    • SHA512

      412cddc921e1d0402409c82786404df81078bea2af48157500d3b2946b51acfb79a8b29136f9ba64d4e3c0b69d9f7c964e57cbbf849c79c7f288f4603f369e4c

    • SSDEEP

      6144:BLErViSWAs3WHexAVklAOaF2VaAg6U6J7k8edK/EGoPGCc:BL0iSWLT0+K6U60dK/EXGCc

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks