General

  • Target: kljnsafdjhjkoh21oiu4hj1oi4jlksdafnmlkewsjnrkl3m4k1l24m2k1.lmofpdwskfmoewkmrlk;321kj41l4kj2l3;kmrfewl;gk,ewr.exe
  • Size: 1.3MB
  • Sample: 240715-adcvksydqn
  • MD5: ea368a517d295efbd0da95989df0e87e
  • SHA1: 3450211181fea3445af60a2baebbba8228521924
  • SHA256: 24a1826dd659598ac7f4462f58228a09414263f5e54cfa1d4bf1a1342d1f3353
  • SHA512: c899e54002fe965f0d161ffaeb69c3408153c9901d14642351e6ca9feace3ac69d7eafc22d0b98c0a76dcf2e9c8217c77c227a8c56c02589123aaa9dec775dc0
  • SSDEEP: 24576:no5/mrMm4XMZQx/OkmuRgsOK1pf/OGQdNzlA:o9mraMZQx/OkmuRgsOK1pf/OGQdNzlA

Malware Config

Extracted

  • Family: redline
  • Botnet: @fraufraud
  • C2: 94.228.166.68:80

Targets

    • Target: kljnsafdjhjkoh21oiu4hj1oi4jlksdafnmlkewsjnrkl3m4k1l24m2k1.lmofpdwskfmoewkmrlk;321kj41l4kj2l3;kmrfewl;gk,ewr.exe
    • Size: 1.3MB
    • MD5: ea368a517d295efbd0da95989df0e87e
    • SHA1: 3450211181fea3445af60a2baebbba8228521924
    • SHA256: 24a1826dd659598ac7f4462f58228a09414263f5e54cfa1d4bf1a1342d1f3353
    • SHA512: c899e54002fe965f0d161ffaeb69c3408153c9901d14642351e6ca9feace3ac69d7eafc22d0b98c0a76dcf2e9c8217c77c227a8c56c02589123aaa9dec775dc0
    • SSDEEP: 24576:no5/mrMm4XMZQx/OkmuRgsOK1pf/OGQdNzlA:o9mraMZQx/OkmuRgsOK1pf/OGQdNzlA

    Signatures

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Loads dropped DLL
    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks