General

  • Target

    522707cd425ca9de34b3772fa55c0b6a707af9cd109d9bad5c0d8fe3e419a55c.exe

  • Size

    304KB

  • Sample

    241206-fk14ms1nes

  • MD5

    6f9da3e946ca35ee56eb0010b74bb501

  • SHA1

    949c04d86516215f53b61abbfa52a157d223b015

  • SHA256

    522707cd425ca9de34b3772fa55c0b6a707af9cd109d9bad5c0d8fe3e419a55c

  • SHA512

    e086ad9b8ecd9c7e6d336b7ab052e0219161da25d280fc7755b34f822e25a66f72c45dc3fee05e9ae7340ff0d8029be83d15a65c6c558d0ff206a8880b70bee8

  • SSDEEP

    6144:KBy+bnr+Cp0yN90QEfSt7N//6JvBXXS57xe9x:vMrqy90F0Jqb+Ex

Malware Config

Extracted

Family

redline

Botnet

doma

C2

185.161.248.75:4132

Attributes
  • auth_value

    8be53af7f78567706928d0abef953ef4

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15
