Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

1d059ca891...d4.exe

windows10-2004-x64

10

1d90edda9f...51.exe

windows7-x64

3

1d90edda9f...51.exe

windows10-2004-x64

10

1e44c41d8d...91.exe

windows10-2004-x64

10

1ed736973c...3e.exe

windows10-2004-x64

10

559234fc52...e2.exe

windows10-2004-x64

10

5a4570005d...a4.exe

windows7-x64

3

5a4570005d...a4.exe

windows10-2004-x64

10

61f1a776dc...62.exe

windows10-2004-x64

10

67045db960...01.exe

windows10-2004-x64

10

6d684b37ca...5c.exe

windows10-2004-x64

10

77cbabe9fe...cf.exe

windows7-x64

3

77cbabe9fe...cf.exe

windows10-2004-x64

10

8a73bb4899...c3.exe

windows10-2004-x64

10

8db3c27c31...88.exe

windows7-x64

3

8db3c27c31...88.exe

windows10-2004-x64

10

b72cfb2517...df.exe

windows10-2004-x64

10

c2ef692d84...7e.exe

windows7-x64

3

c2ef692d84...7e.exe

windows10-2004-x64

10

c39106a352...4e.exe

windows7-x64

10

c39106a352...4e.exe

windows10-2004-x64

10

ca6d56a637...da.exe

windows10-2004-x64

10

db14966ca7...cb.exe

windows7-x64

10

db14966ca7...cb.exe

windows10-2004-x64

10

e800205bb9...fd.exe

windows7-x64

3

e800205bb9...fd.exe

windows10-2004-x64

10

f8a2da44f9...41.exe

windows10-2004-x64

10

fc8b501a18...d3.exe

windows7-x64

3

fc8b501a18...d3.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    158s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/05/2024, 12:33 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe

  • Size

    274KB

  • MD5

    17c694e79f6d36c7ddf2d0826847af9c

  • SHA1

    4a9ede0f5efe78a4807230fa8dc0ae4d9e6fd9e8

  • SHA256

    db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb

  • SHA512

    bfe84a7d6a038df984e6d789c0169771a567488137d01b8df27b67706aca915fddb14d510dc9c654281b25a2e65cf5c57d009b16cd78a0170ee13dd70e12b363

  • SSDEEP

    6144:SJhy0g57Kx1lgD0568wQ7tuMp2tHnAm9CMtM:SJhcx0568wbt

Score
10/10
redlinelux3infostealer

Malware Config

Extracted

Family

redline

Botnet

lux3

C2

176.123.9.142:14845

Attributes
  • auth_value

    e94dff9a76da90d6b000642c4a52574b

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
    "C:\Users\Admin\AppData\Local\Temp\db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe"
    1⤵
      PID:2212

    Network

      No results found
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    • 176.123.9.142:14845
      db14966ca75480a4e8f9f3d18c7bada2f205a1ac7404dbeda068279afa55b1cb.exe
      152 B
       120 B
       3
      3
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2212-0-0x0000000000401000-0x0000000000402000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2212-2-0x0000000000220000-0x0000000000250000-memory.dmp

      Filesize

      192KB

      Download

    • memory/2212-5-0x0000000000400000-0x0000000000446000-memory.dmp

      Filesize

      280KB

      Download

    • memory/2212-6-0x00000000004F0000-0x00000000004F6000-memory.dmp

      Filesize

      24KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.