General

  • Target

    build.exe

  • Size

    300KB

  • Sample

    240810-zhg3jaxclq

  • MD5

    ce176d46f8780b790ba0906aa6b56fa3

  • SHA1

    14d03a8c6afc59e06fa05ab41b54b048184eddf7

  • SHA256

    ef265f82530526b4854f110662712cc961fe8cd4c546a79bb46382d25ff2122d

  • SHA512

    a55223c4e787cefc1fa1c460f2846b31e6ff5483c0540a2eff663e15d35a97b5adfaa4fa7e88a3d2862214d9ad8925045e3d55ffbf847444deecdda557546b61

  • SSDEEP

    3072:ecZqf7D344p/0+mAwkyg4eQEgPQB1fA0PuTVAtkxz23RweqiOL2bBOA:ecZqf7DIYnWVcB1fA0GTV8kwQL

Malware Config

Extracted

Family

redline

Botnet

333

C2

browser-sphere.gl.at.ply.gg:38519

Targets

    • Target

      build.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

MITRE ATT&CK Enterprise v15

Tasks