Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
596f2946d7a78c8fd4aa2b7701d0adea57f6b27b11bf8366e69fcfec92dae3aa
-
Size
243KB
-
Sample
220907-b3nh2sagf7
-
MD5
6c2efe7c6713341f2fc1966f0a94a642
-
SHA1
b04384652ae53e65c8fd01f7fd42df29a7caddf2
-
SHA256
376c386a637ef843a318adce643819a68f664c7795b0bbfa7b01e474d0b41216
-
SHA512
97593d382528c20aaff75e3cb075fe75675b8b2c5a927168d1e194c8650f947fbe06e4a10605f31137d1915fb1962fdb43178180bd24844c8cb266ef62cd8cbe
-
SSDEEP
6144:vVIP54cpmYDhoVpVNMSpyN5xouOAblfDHrCgbDhdYJwznwad:vVIP54cko+jXZuRigPhLzwad
Static task
static1
Behavioral task
behavioral1
Sample
596f2946d7a78c8fd4aa2b7701d0adea57f6b27b11bf8366e69fcfec92dae3aa.exe
Resource
win7-20220812-en
Malware Config
Extracted
redline
twick
trustedwicky.com:80
-
auth_value
2284521981f16053dae08194ef371cb3
Targets
-
-
Target
596f2946d7a78c8fd4aa2b7701d0adea57f6b27b11bf8366e69fcfec92dae3aa
-
Size
361KB
-
MD5
523ec13a73602aed47e911453df629d4
-
SHA1
1dac079455fbf72496a97be5461ec50f4b857c0d
-
SHA256
596f2946d7a78c8fd4aa2b7701d0adea57f6b27b11bf8366e69fcfec92dae3aa
-
SHA512
67e273f2107621fa07391c4604a8cc922572550db736e64c96bab18b35d8b9d1957482c6f8625af91015951a12f69c8a900ade9e7138c10bb1182b24b47faed1
-
SSDEEP
6144:21mec8NDwJabA/BDzhzVBOAXi1qAN5xo6OAb5fDHrCg7DhdYJwxHpfx:217NkUs/BDzhzVFXeQ6digvhLxJfx
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-