General

  • Target

    j1327061.exe

  • Size

    383KB

  • Sample

    231011-zcs8lsdg39

  • MD5

    53845cd00f9a94441fdfd22a0bf3cb8c

  • SHA1

    35e65923d294e22153e46b486c14f13eb67d3484

  • SHA256

    410b994d456cc36e464a31ba13c53bd87e4f1434846f764c30e3359abdb18207

  • SHA512

    ef1df60652606897d49d1388d928e52b945649a97fe323e5ffaa052dfb6f562660eed33b8159d1ce68790be1cf4bba50d32c4d1feccec9eca1088e37b9014b43

  • SSDEEP

    6144:fB46fuYXChoQTjlFgLuCY1dRuAOcMz6XjTLT8Kv51Z9vw8y0:fWYzXChdTbv1buB+XXRv51Z9vw8y

Malware Config

Extracted

  • Family

    redline

  • Botnet

    kurda

  • C2

    77.91.124.82:19071

  • Attributes

    auth_value: 07989fb69b4f47fc5e6e900d2ee16833
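The hashes in the General section and the C2 endpoint in the extracted config are the indicators a responder actually acts on. The script below is an added example (not part of the Triage report or its tooling): it hashes a file with the same four algorithms the report lists and checks for a match, and it scans connection-log lines for traffic to the C2 host, flagging whether the port also matches. The log format and its lines are constructed for the example; the indicator values are copied from the report.

```python
import hashlib
import re

# Indicators copied from the report above (file hashes and C2 endpoint).
REPORT_HASHES = {
    "md5": "53845cd00f9a94441fdfd22a0bf3cb8c",
    "sha1": "35e65923d294e22153e46b486c14f13eb67d3484",
    "sha256": "410b994d456cc36e464a31ba13c53bd87e4f1434846f764c30e3359abdb18207",
    "sha512": "ef1df60652606897d49d1388d928e52b945649a97fe323e5ffaa052dfb6f562660eed33b8159d1ce68790be1cf4bba50d32c4d1feccec9eca1088e37b9014b43",
}
C2_HOST = "77.91.124.82"
C2_PORT = 19071


def hash_bytes(data: bytes) -> dict:
    """Return hex digests of data for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matching_hashes(data: bytes) -> list:
    """Names of the algorithms whose digest of data equals the report's value."""
    digests = hash_bytes(data)
    return [name for name, value in digests.items() if value == REPORT_HASHES[name]]


def hash_file(path: str) -> dict:
    """Hash a file on disk in chunks (the sample itself is not embedded here)."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


# Constructed connection-log lines in a hypothetical format, not sandbox output:
# "<timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port>"
SAMPLE_CONN_LOG = """\
2023-10-11T18:20:01Z 10.0.0.5:49512 -> 77.91.124.82:19071
2023-10-11T18:20:03Z 10.0.0.5:49513 -> 93.184.216.34:443
2023-10-11T18:21:10Z 10.0.0.7:51000 -> 77.91.124.82:443
"""

CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)\s*$"
)


def find_c2_connections(log_text: str) -> list:
    """Return (timestamp, src_ip, dst_port, exact) for each connection to the C2 host.

    exact is True when the destination port also equals the report's C2 port.
    A host-only hit is still reported: operators rotate ports more often than IPs.
    """
    hits = []
    for line in log_text.splitlines():
        m = CONN_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the whole scan
        if m["dst"] != C2_HOST:
            continue
        dport = int(m["dport"])
        hits.append((m["ts"], m["src"], dport, dport == C2_PORT))
    return hits


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        digests = hash_file(path)
        hit = [n for n in digests if digests[n] == REPORT_HASHES[n]]
        print(path, "MATCH" if hit else "no match", hit)
    for hit in find_c2_connections(SAMPLE_CONN_LOG):
        print("C2 traffic:", hit)
```

Run it with one or more file paths to compare them against the report's hashes; the C2 scan runs over the constructed log so the example works offline. Matching on all four digests is deliberate: a file that matches only MD5 or SHA1 should be treated as a collision or a transcription error, not as the sample.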

Targets

    • Target

      j1327061.exe

    • RedLine

      Family signature. RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Suspicious use of SetThreadContext

      Behavioural signature. SetThreadContext lets a loader redirect a suspended thread into code it has written into another process, a common step in process hollowing and similar injection techniques.
