General

  • Target

    d15b9472e55acfaa99bbaff7cf5d6bf7e4a74a3c931392a90d24b59f1b46a723N.exe

  • Size

    168KB

  • Sample

    241117-l3pq8axflp

  • MD5

    43ca4de43eeb3fcc9ea660d02e7aacf0

  • SHA1

    79cc03bdf3d00e3df73849b8d92f3c7e3a30619e

  • SHA256

    d15b9472e55acfaa99bbaff7cf5d6bf7e4a74a3c931392a90d24b59f1b46a723

  • SHA512

    da92862c3e154214c979dacaca4856a1914a291111df9e059e919706e3f918a574bf57c4fbe9bdab7bf75cb930b63cfc52c768c64861d0bdcfafb61604412c6b

  • SSDEEP

    3072:uJaohQaSe5clFcb0iCKbqVsTQZxTcVL8e8h2:uJteaSe5clhiVwxTcVL

Malware Config

Extracted

Family

redline

Botnet

mazda

C2

217.196.96.56:4138

Attributes
  • auth_value

    3d2870537d84a4c6d7aeecd002871c51
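The extracted config above is only useful once it is turned into something that can be checked against real telemetry. The following is an added example, not code from the report or from the Triage project: it copies the C2, botnet, auth_value and file hashes from this page, matches the C2 endpoint against Zeek conn.log records in JSON form, and verifies a file's digests against the reported ones. The conn.log lines and the bytes fed to the hash check are constructed here for illustration; the real sample is not included.

```python
"""Added example (not part of the tria.ge report): use the extracted RedLine
config and reported hashes as indicators over constructed Zeek conn.log
records and a constructed byte string."""
import hashlib
import json

# Values copied from the report's "Malware Config" and "General" sections.
EXTRACTED_CONFIG = {
    "family": "redline",
    "botnet": "mazda",
    "c2": ["217.196.96.56:4138"],
    "auth_value": "3d2870537d84a4c6d7aeecd002871c51",
}
REPORT_HASHES = {
    "md5": "43ca4de43eeb3fcc9ea660d02e7aacf0",
    "sha1": "79cc03bdf3d00e3df73849b8d92f3c7e3a30619e",
    "sha256": "d15b9472e55acfaa99bbaff7cf5d6bf7e4a74a3c931392a90d24b59f1b46a723",
}


def c2_endpoints(config):
    """Return the config's C2 entries as a set of (ip, port) tuples."""
    out = set()
    for entry in config.get("c2", []):
        host, _, port = entry.rpartition(":")
        out.add((host, int(port)))
    return out


def find_c2_connections(config, conn_log_lines):
    """Match Zeek conn.log JSON records against the C2 endpoints.

    Returns the uid of every record whose responder ip:port is a listed C2.
    Matching is on the exact ip:port pair; the same IP on another port is
    not flagged (see the usage note).
    """
    targets = c2_endpoints(config)
    hits = []
    for line in conn_log_lines:
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        if (rec.get("id.resp_h"), rec.get("id.resp_p")) in targets:
            hits.append(rec["uid"])
    return hits


def verify_hashes(data, expected):
    """Compare md5/sha1/sha256 of `data` with the expected digests.

    Returns a dict mapping each expected algorithm to True/False so a
    mismatch on one algorithm (e.g. a different build) is visible.
    """
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return {name: digests[name] == expected[name] for name in expected}


# Constructed Zeek conn.log lines (JSON output format), not real telemetry.
# Only the second record talks to the reported C2 ip:port.
SAMPLE_CONN_LOG = [
    '{"ts":1731848400.1,"uid":"CAaaa1","id.orig_h":"10.0.0.5","id.orig_p":49211,'
    '"id.resp_h":"142.250.80.46","id.resp_p":443,"proto":"tcp"}',
    '{"ts":1731848401.7,"uid":"CBbbb2","id.orig_h":"10.0.0.5","id.orig_p":49214,'
    '"id.resp_h":"217.196.96.56","id.resp_p":4138,"proto":"tcp"}',
    '{"ts":1731848402.3,"uid":"CCccc3","id.orig_h":"10.0.0.5","id.orig_p":49215,'
    '"id.resp_h":"217.196.96.56","id.resp_p":80,"proto":"tcp"}',
]

if __name__ == "__main__":
    print("C2 hits:", find_c2_connections(EXTRACTED_CONFIG, SAMPLE_CONN_LOG))
    # The real sample is not available here; a placeholder shows the output shape.
    print("hash check:", verify_hashes(b"not the real sample", REPORT_HASHES))
```

The third constructed record reaches the same IP on port 80 and is deliberately not flagged, because the report only attests to port 4138; whether to alert on the bare IP as well is a tuning decision, since a stealer C2 host may serve other ports and the address may be reassigned after the sample's collection date. The auth_value is carried in the config for correlation with other reports from the same botnet, not as a network indicator.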

Targets

    • Target

      d15b9472e55acfaa99bbaff7cf5d6bf7e4a74a3c931392a90d24b59f1b46a723N.exe

    • Size

      168KB

    • MD5

      43ca4de43eeb3fcc9ea660d02e7aacf0

    • SHA1

      79cc03bdf3d00e3df73849b8d92f3c7e3a30619e

    • SHA256

      d15b9472e55acfaa99bbaff7cf5d6bf7e4a74a3c931392a90d24b59f1b46a723

    • SHA512

      da92862c3e154214c979dacaca4856a1914a291111df9e059e919706e3f918a574bf57c4fbe9bdab7bf75cb930b63cfc52c768c64861d0bdcfafb61604412c6b

    • SSDEEP

      3072:uJaohQaSe5clFcb0iCKbqVsTQZxTcVL8e8h2:uJteaSe5clhiVwxTcVL

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

MITRE ATT&CK Enterprise v15

Tasks