General

  • Target

    bbdbc3685caa2bd95b5fb50fc975399b8a4eb6a2fd832592b1cb427075c6c6f3

  • Size

    414KB

  • Sample

    231114-rbyspscg5v

  • MD5

    587ad5f7a499cd378cfc621171dad355

  • SHA1

    c7da0f0c6234ad499b0f5f1a2deb68811c0d498f

  • SHA256

    bbdbc3685caa2bd95b5fb50fc975399b8a4eb6a2fd832592b1cb427075c6c6f3

  • SHA512

    4c747f31203847457002242ae576b2029d2a52f9a09a469948943fbb4a53fdd26547c710ad91855c790af069a7a560f5a14a22a02b792f2b696f036e0fda3e8a

  • SSDEEP

    6144:iuUnkAlR2SaOmUPvbeAOJTMtAo/FrPRizcwKXbt2l:knkaR2Vke0b5RizcwKg

Malware Config

Extracted

  • Family

    redline

  • Botnet

    taiga

  • C2

    5.42.92.51:19057

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext
