General

  • Target: e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34

  • Size: 585KB

  • Sample: 231029-2cbpnsbd63

  • MD5: 5b56d98cd74aa5c75d81ec033c2cefe7

  • SHA1: 7ade139a319ad78d3d7f972b5448a002552c8e89

  • SHA256: e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34

  • SHA512: 846f9aabf7cd6e6790d9e5d973cadbbda00060a23d9ae4c91c2dae32307ae12ec04fc336c015713336ac5559864ae7e54295779f8eaab3fb6b4457600cd4b73a

  • SSDEEP: 6144:jcxPuxwhQyka515g4YttHQ462jYPp0r2mruh13t4q3bWUoM2oJFSrxpKLj4XygUu:oVuxwTka+ti92kPpeijCUoR7fyXs1ZR

Malware Config

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks