General

  • Target

    a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d

  • Size

    425KB

  • Sample

    241111-cdafkazgqa

  • MD5

    d3973292b177fc13038187699f2a1649

  • SHA1

    4fc4e6bc272734ec9945a11ee90d295f52e2308d

  • SHA256

    a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d

  • SHA512

    e2b321e4edc8aaa2629170673057465711f330d9e84faa86c8e12d336b307d5f4432cdd8535d6b47e56184903a1126d66d0fa078a6f91776558ec9ec82120b76

  • SSDEEP

    6144:ZhEhUR7NXRNcctWZzL2SeCi+AkDG/Jl7kP6YYUayvLHHZlofiDP9LtQtyfWJ:ZhEhQ1MLm+ANxl7kP6YYUDvLXoEVLOy

Malware Config

Extracted

Family

redline

Botnet

bbtt1

C2

212.193.30.196:13040

Attributes
  • auth_value

    fd6c3db35926ff1b33d500d0fb0ce060

Targets

    • Target

      a8f1950be0a9c56e9e429580167230c4538a1e6931fbab24c094574b8561e13d

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
