General

  • Target

    0876c8cfa6fce7ba925879cf54cfc3e5e8dbd4ab75b8d272ec811181bca1d4df

  • Size

    518KB

  • Sample

    240624-k4jqxsxhlk

  • MD5

    22e12c6584a91ededf0c2b23e681a47f

  • SHA1

    743b67f04991dfd00684c4c7bb0e160091345375

  • SHA256

    0876c8cfa6fce7ba925879cf54cfc3e5e8dbd4ab75b8d272ec811181bca1d4df

  • SHA512

    115acff92308fbc377e719c2896c198e66ffa6bd9384e9ae2444bcfd32037c41c3a580d50c2e03bfda925d2d7fb50816f764c400f0af8e8ade47a07a3c261e36

  • SSDEEP

    12288:Ck76RTey5sJg5/8D+v+va1eF+cRDdtpwQJQmZ:Ck7+Tey5s65kD21xoDN

Malware Config

Extracted

  • Family

    redline

  • Botnet

    drake

  • C2

    83.97.73.131:19071

  • Attributes

    auth_value: 74ce6ffe4025a2e4027fb727915e7d7c

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks