
General

  • Target

    a6e5c89402956d3b3d56ab8af16cac21

  • Size

    1.1MB

  • Sample

    241111-cg9d3ayrhx

  • MD5

    a6e5c89402956d3b3d56ab8af16cac21

  • SHA1

    281f91ae3460451e50563648d594e3536c113597

  • SHA256

    a63b37d9592cda82d3f14761c40c2504b86c97b1b73714613e7ddae4cae76250

  • SHA512

    b5e0b28fe63b4ecea0e047df6efa1aa07cdc7e748991511d17eaf536a9d4be6d8bdf11c168c050fcaed6334959cf41b973dc286c9065b000660ffdab97f817df

  • SSDEEP

    24576:JUrUJ8cE4tW+a6+VpgTQtcOifguab0Bez5hw0J2g7szPab+lU:JUrEEgW64kJ/guaQotGfVzdU

Malware Config

Extracted

Family

redline

Botnet

@Sanchekkkkk

C2

79.137.192.20:7466

Attributes

  • auth_value

    10817a38e602b1d9bb93ced603d37fc5

Targets

    • Target

      Pet Simulator X Script.exe

    • Size

      758KB

    • MD5

      eb68007f98e6233778be7d51aa6a8d76

    • SHA1

      93fcf86feb6bf6deba1247f606e860150a890eb4

    • SHA256

      ef90e1b5c7d89fbd00a92fa416311c8bc8416f4ae2eeabb1203b8f63b999336b

    • SHA512

      78a2d1aa42d33769f78a8cf7dd1874917b51678f20992c290f32c8c1a1877cb405182c79abe3d761d0f34eaf94f77bf1c3b7c578c82a79860d5d39c1b0866a7d

    • SSDEEP

      12288:efzxOMMYiNboPON2Cf/tUdCEinvCTORP2fG7vl7OuEXi2X8CWjarZE7mvTKqZW5a:efzxTMYiNbTlEinvUORP2fo7zCWjsK74

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    • Target

      Update Script.exe

    • Size

      2.6MB

    • MD5

      9ccbfc90de4e19383e1b236e2e659f75

    • SHA1

      81bdcb475210ff4731ce0e0b3239b497f9f70015

    • SHA256

      82a4239f459b3569ad8c4e608e38c520b5c50ffb5dec97034c3924e594662c39

    • SHA512

      56d7825804c4439ef42b1f473d9fcc758aa089c3a35cb38728a128e3509f2c210a711e80087e31b18ca28ec0f5a208e061aae15e778edd48049af34fc76d9d8e

    • SSDEEP

      24576:CVwd9AvyVIp6i5+GOUYMY3XdyA1Mm/9s4dl41lLH9zgMPZYRDkTEuLl8UN3jl3Rw:CVwd9AKVIp64+rmT8mZYJkTEurBl3a

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
