General

  • Target

    file

  • Size

    481KB

  • Sample

    240514-q97ylaac24

  • MD5

    005b2bb9551172ef81a1fcf2da3637ad

  • SHA1

    f48f1e29f892e792b4f4e3126e624ff32adb00d8

  • SHA256

    48bbc6f4ee8ccfe253f018fbcd99560c4680fd79160c75335c76d49620272a5c

  • SHA512

    515f693d84af9e90f0e2d4cefff1f6071cc7b5375a464310d2632305c24ee6ca5e1b966c7667ee83e9dcfe629aefe8f115089d58bd4908d690d133beb84ddbd2

  • SSDEEP

    12288:xBxLtOghOAbGX0TTcdGhtnkFeUYmWvh52DU+O2jf0cokPnFS7gr:xBjLhOtmcyV9cY8Vt

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

5.42.65.85:45779
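The extracted configuration and the hashes above are the indicators an analyst would actually carry out of this report. The following is an added example, not part of the tria.ge report and not RedLine's own code, showing how to turn them into a small offline IOC matcher: it hashes a file buffer against the reported MD5/SHA-256 and scans connection logs for the C2 endpoint, treating an exact ip:port match as a strong hit and a same-IP/different-port match as only a weak signal. The log format and the log lines are constructed for illustration and are not real telemetry; the hash and C2 values are copied from the report.

```python
"""Added example (not from the tria.ge report): offline IOC matcher built
from the indicators extracted above. Log lines and file bytes below are
constructed test data; only the hash and C2 values come from the report."""
import hashlib
import re

# Indicators copied verbatim from the report.
IOC_SHA256 = {"48bbc6f4ee8ccfe253f018fbcd99560c4680fd79160c75335c76d49620272a5c"}
IOC_MD5 = {"005b2bb9551172ef81a1fcf2da3637ad"}
IOC_C2 = {("5.42.65.85", 45779)}          # RedLine C2 from the extracted config
IOC_C2_IPS = {ip for ip, _ in IOC_C2}

# Constructed sample telemetry in a hypothetical firewall log format.
SAMPLE_LOGS = [
    "2024-05-14T12:01:03Z ALLOW tcp 10.0.0.21:51234 -> 5.42.65.85:45779 bytes=4096",
    "2024-05-14T12:01:05Z ALLOW tcp 10.0.0.21:51240 -> 5.42.65.85:443 bytes=512",
    "2024-05-14T12:02:11Z ALLOW tcp 10.0.0.33:51300 -> 93.184.216.34:443 bytes=1024",
    "2024-05-14T12:02:15Z DENY  udp 10.0.0.33:53000 -> 8.8.8.8:53 bytes=64",
]

# Destination "ip:port" after the arrow; assumes the constructed format above.
CONN_RE = re.compile(r"->\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})")


def classify_connections(lines):
    """Return a list of (severity, line) for lines touching the known C2.

    severity is "c2" for an exact ip:port match and "c2-ip" when only the IP
    matches (same host, different port): worth a look, but RedLine operators
    frequently share hosting, so it is not proof on its own.
    """
    hits = []
    for line in lines:
        m = CONN_RE.search(line)
        if not m:
            continue
        ip, port = m.group(1), int(m.group(2))
        if (ip, port) in IOC_C2:
            hits.append(("c2", line))
        elif ip in IOC_C2_IPS:
            hits.append(("c2-ip", line))
    return hits


def hash_bytes(data):
    """Compute the same digest set the report lists (minus SSDEEP)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def file_matches_ioc(data):
    """True if the buffer's SHA-256 or MD5 is in the report's indicator set."""
    h = hash_bytes(data)
    return h["sha256"] in IOC_SHA256 or h["md5"] in IOC_MD5


if __name__ == "__main__":
    for severity, line in classify_connections(SAMPLE_LOGS):
        print(f"[{severity}] {line}")
    # Constructed stand-in bytes; a real check would read the suspect file.
    print("sample bytes match IOC:", file_matches_ioc(b"not the real sample"))
```

Match on the full ip:port for the strong signal: stealer C2 hosts are often shared VPS boxes, so an IP-only match is a triage lead rather than a conviction, while a SHA-256 match on a file is exact.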

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Suspicious use of SetThreadContext (a common primitive for injecting into or hollowing a suspended process; on its own it is a behavioural signal, not proof of a specific family)
