Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    4se182zn.exe

  • Size

    1.1MB

  • Sample

    231103-fsgd7scd9w

  • MD5

    a3d9d2941072762f79cd51e9033cfe7c

  • SHA1

    2d8b476eed489e9b412bf1a2fe0737bc975c9f4d

  • SHA256

    5ed69e5d911b8e81da107ec15d7989c44edca8689517970d84354a9db4b98653

  • SHA512

    fdb95bb2023f1502903e20e49690a0ab5d76a2c4db82b28a26f09196255441e8189329d963720e163f2ac65efde1eaa8d57cf53cf5edac48782c60509831d160

  • SSDEEP

    12288:XrB5IZ2nfkPenJ2U7vq/wMR5Sunrv90pxf1xh9uuSVKhAjviJeP3xnto:vg2fkPenJ2U7vqvbnrvwF0gqht

Malware Config

Extracted

Family

redline

Botnet

plost

C2

77.91.124.86:19084

Targets

    • Target

      4se182zn.exe

    • Size

      1.1MB

    • MD5

      a3d9d2941072762f79cd51e9033cfe7c

    • SHA1

      2d8b476eed489e9b412bf1a2fe0737bc975c9f4d

    • SHA256

      5ed69e5d911b8e81da107ec15d7989c44edca8689517970d84354a9db4b98653

    • SHA512

      fdb95bb2023f1502903e20e49690a0ab5d76a2c4db82b28a26f09196255441e8189329d963720e163f2ac65efde1eaa8d57cf53cf5edac48782c60509831d160

    • SSDEEP

      12288:XrB5IZ2nfkPenJ2U7vq/wMR5Sunrv90pxf1xh9uuSVKhAjviJeP3xnto:vg2fkPenJ2U7vqvbnrvwF0gqht

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks