General

  • Target

    195400fdb053f588f27d4a4c70c302ec00c15056902cab226a59264eb47c5bcb

  • Size

    329KB

  • Sample

    241111-cl8nbszflp

  • MD5

    f8712f4ad269a97ad6b9091440f1f4d9

  • SHA1

    e3d211456ba12c8f39ef399365edc776618108d6

  • SHA256

    195400fdb053f588f27d4a4c70c302ec00c15056902cab226a59264eb47c5bcb

  • SHA512

    45fa3cf0006a12568820fcd756fa5372147171ba435edb2842d903e3ea2b88ec497f21dff0a0aebae6e89b2ba0d7f3d39ae8a2a6584b5807a2563493e116d871

  • SSDEEP

    6144:5Ns9DHNm9lF2H1Q1uGZFwAdg7qwt1DFcx9gmYqs/hX8xkp1uC3p:5Ns9sB2qxvbsygX8xkp1uC3p

Malware Config

Extracted

  • Family

    redline

  • Botnet

    sport

  • C2

    31.41.244.98:4063

  • Attributes

    auth_value: 82cce55eeb56b322651e98032c09d225

Targets

    • Target

      dc4753d7f1d8e4a766e8c86591211f8f691f709589bf0842d0f5a2d06152ac08

    • Size

      466KB

    • MD5

      4de6e8bf3ffc4d32a51e778561e05a6e

    • SHA1

      aa25cc6b33971f964f9ce13970720625d6ec6856

    • SHA256

      dc4753d7f1d8e4a766e8c86591211f8f691f709589bf0842d0f5a2d06152ac08

    • SHA512

      17e00b066e82a2be0a46ea4d7995c03a6c15b96b182f2667fc4dbe4bb0f839fc710e2bee306e9fe0daaf5cfa3b1bfc40755bddbf9f0950a87738bdf1de22828e

    • SSDEEP

      6144:clsLB1B3EtoZFwAtg7qwt1DFcx9g6YMSsDwaIoxupmL7wjT:cSzBbvPeyysVIoxupmL7

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family
