General

  • Target: BLACKSOFT.rar
  • Size: 4.0MB
  • Sample: 240713-skf5paxgqc
  • MD5: e972189f7121cb152e9dc11f69e6ee0f
  • SHA1: 3cabc07d128e563d3dba198035c6dff7cbc2d84c
  • SHA256: 8a06629d13757bb30e12345c41735bb711333f01c15fab81761995aad5c440dd
  • SHA512: a8ff8dabfde6fff41b2db5198318fad71b6f1b068e8b94681f383ce19e4873ecc471e4473c3017fb8ffc1310ca769a6e1b12312c9947d8bb8eb2b6ab68a729d0
  • SSDEEP: 98304:utlOZm+xrK63laQwzmH3WKBmwVTH3x+eKtiCmYny2p:elO8+xKUExzIWKBmwdXxEiYnv

Score: 10/10

Malware Config

Extracted

Family: redline
C2: 45.15.156.142:33597

Targets

    • Target: Launcher.dll
    • Size: 7.5MB
    • MD5: cbb81f28c5a509e4f7e3e44bc7da74f8
    • SHA1: 47145f07bc7d0083d3bd13a9da44bac740952029
    • SHA256: 413bf9c2cff6fe7b97eae199683df7f6d648fad4c25cb6d0b7dce335eb69edba
    • SHA512: bc863ebb2f5fd66f342be8befb49889dd275adb15cff95ed378e185190091589c8d1d7a8902ca889a7b2af81588c731bfa0a930f074fecadd9b47a082966079c
    • SSDEEP: 98304:koD5geAsEDKN0xOLy2MsmCkQejop7PGXleggxF:kfD/mexOLy0GoNPGXledT

    Score: 1/10

    • Target: config
    • Size: 3KB
    • MD5: 67611b783439b35abfe05a97413bba46
    • SHA1: 52795ffda8b88701793acc05e87897bdba99a633
    • SHA256: 5776169973a26a387b8b3e5c0f2301a7ab9a6dd7c7d3efa22a96abc47fbf8662
    • SHA512: 046dc9fe5cb46bea23668eb0d9742d32ddad30a6ee85c20839b68cb022f9e2ae6a38b87b9e267edb152b29420e3d169348cd9d3bcd4a7c7d82b3d50ac24b4748

    Score: 1/10

    • Target: lAuncherSLXLJG.exe
    • Size: 519KB
    • MD5: d9aa145f3a5f5e68f395e5040391b897
    • SHA1: be6d0c1fd331f8d07053f210815d5563388a0c53
    • SHA256: 611769a840e8dd1c759911c4c5a91dccdbb55acc520370acc94e2904ab4e273a
    • SHA512: 2298a17f45e2da8180a6b1163899230b4a62d6bcd561906c1fc5deaa8f41a9c0247afb155cd2fc9c90f95d94252a09f627f1e177089379a9b522f1b55dbebe94
    • SSDEEP: 6144:88w3SW3or/Q5oxqt630Xb6sGfsGQpJgUgC8tgfLxoNpNtvbiWlYD1zRqzTrN:88aor/moViUfgJKIxoNTtzoEzTrN

    Score: 10/10
    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

MITRE ATT&CK Enterprise v15

Tasks