General

  • Target

    XcHvYYrNa.exe

  • Size

    300KB

  • Sample

    240521-lvftcahb2t

  • MD5

    b9a421c6f519b309d05149b5388debc6

  • SHA1

    f713cef1b438bc65d33ff7c1532b9ac4f9cd9fa2

  • SHA256

    9eff518a31a5ca6d372d8c2e60820b3b014e884da27c4ce7482fefc9b80d4b7f

  • SHA512

    25fb917f01e6b2543c47a25561e6ff2f15fe304558281e52694ed26ff046b8fcf74f9a2e023dca41b2f7ceae1349d48ed4cfabe93b9c69582be9c290218acbd6

  • SSDEEP

    3072:ycZqf7D34Tp/0+mAWkyYHcQQg3/B1fA0PuTVAtkxz93REeqiOL2bBOA:ycZqf7DItnzXvB1fA0GTV8kHsL

Malware Config

Extracted

  • Family

    redline

  • Botnet

    SolaraHacked

  • C2

    127.0.0.1:4444

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

MITRE ATT&CK Matrix

Tasks