General

  • Target: fd44ef579f043b7834514c5978f93e25.bin
  • Size: 215KB
  • Sample: 231023-mf4sasfg4t
  • MD5: 26d6b8d62f6b5f0eccd73596f8b0ffc1
  • SHA1: 166e9cb1bbe82d7a4590c458cf7cf33721d8a0c4
  • SHA256: 81eee9f9c6f48ac62aa3a87db3592a77cf67f5ea47044d59c3bc4d172aed5ed4
  • SHA512: aa3aded047d166cda7d0682e7d8bc79e195dec31c244ca1d1e07a112f6940fd87dc3361c7a4a2d53742064a96b91b31276123b4f265ef10b9fa618159ca5a3ee
  • SSDEEP: 6144:Hh3CK2P1Iexuoi+IZjz6oGok66OhtijDBSG5neHRq+k6:BSK2NIecoxGjRgROh8roHg+k6

Malware Config

Targets

    • Target: f15baee0f06e5af8b5895b57578c1c15649d95ade9e80d6a06c0ebdc57159e59.exe
    • Size: 496KB
    • MD5: fd44ef579f043b7834514c5978f93e25
    • SHA1: 6f35184b825c03945d485a2cd9d69eb117ab181f
    • SHA256: f15baee0f06e5af8b5895b57578c1c15649d95ade9e80d6a06c0ebdc57159e59
    • SHA512: 312a5f99587b0e92055fd1e9091e1702e3f9886e973541ccd7a77a5b5d563d5403881822bdc8a18be00f68122873472b402a356fee1c47fcde94c094ae2c7e5f
    • SSDEEP: 12288:J8k8MroQB2o97Hr62k3n/+pLsv9+eXUeF6e1L:KMroQkAr62k3n/+pAv+enL

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks