General

  • Target: Setup.exe

  • Size: 7.1MB

  • Sample: 231123-zdj2bscb68

  • MD5: 655c9ab59afafdcc3c3ea06fe256c716

  • SHA1: f9689d55005562013f98fbbc9cbb92d2c6016033

  • SHA256: ed53c20f0d55834a573d7303e9ed64242568ae139b06cdbcac9bd173d0d23c0a

  • SHA512: a563a21f1266566a7b85de12912a9fb69ef8c602c73764632a745fae7407de5f876c30ca7b21864488f089fee32c3418d36590e0e631835085bc8563762366c5

  • SSDEEP: 49152:q7Nx5ZBZQgqykOKQrb/TvvO90d7HjmAFd4A64nsfJIkLPXdsvn30By+GaF9lhLQT:LgqeKxPXco3/Xxt1EF+CqLj4Vv

Malware Config

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks