Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504

  • Size

    1.1MB

  • Sample

    231022-2dpypafa37

  • MD5

    d31549c62f36bb6910880a4e621ec890

  • SHA1

    18242b20daf81c2d9fb144c41f782ec7c53028e7

  • SHA256

    f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504

  • SHA512

    5b1d64b0940efe36e794235d8e4358933a56f1657d7d31a27728a8825963d4952c50e1fce84492055b573ee429b38a8b26ffb73f6d3c69d651cfbdaade571ad0

  • SSDEEP

    24576:ayDqKzQ22INnFuCQJ1mSo6LHEEq7vxsPqhsHEDrEfW6C:hDBzHzDkEEi2qeHqwfW6

Score
10/10
redlinekukishinfostealerpersistence

Malware Config

Extracted

Family

redline

Botnet

kukish

C2

77.91.124.55:19071

Targets

    • Target

      f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504

    • Size

      1.1MB

    • MD5

      d31549c62f36bb6910880a4e621ec890

    • SHA1

      18242b20daf81c2d9fb144c41f782ec7c53028e7

    • SHA256

      f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504

    • SHA512

      5b1d64b0940efe36e794235d8e4358933a56f1657d7d31a27728a8825963d4952c50e1fce84492055b573ee429b38a8b26ffb73f6d3c69d651cfbdaade571ad0

    • SSDEEP

      24576:ayDqKzQ22INnFuCQJ1mSo6LHEEq7vxsPqhsHEDrEfW6C:hDBzHzDkEEi2qeHqwfW6

    Score
    10/10
    redlinekukishinfostealerpersistence

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks