Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bd2c8055bd48f3b3b00550250f4851e7f5995a034005d5af589a33ac1dc36954
-
Size
367KB
-
Sample
220912-tzwdladfd7
-
MD5
a1c88160806213516c95141ac3923a20
-
SHA1
00d4953bcd3a3e6bac804624a51979be566c1764
-
SHA256
bd2c8055bd48f3b3b00550250f4851e7f5995a034005d5af589a33ac1dc36954
-
SHA512
e666f51829c1d6dff19528d3f493c09ecc146551be8f9598792961a0ebb04b60cf4cb9bd52bc2d24fc51557d606a2e0ceebee61be25d6910e13c2bd9ebae3f04
-
SSDEEP
6144:vOUFTUZR/yTVz3qJrrEt3Inb4rbbztHFjUvRaspByPfe9T6OyLXi9lvgBdSHk:GO4n/Ed3q1rW3Inb4rDthWTpQ29T6UxF
Static task
static1
Malware Config
Extracted
redline
twick
trustedwicky.com:80
-
auth_value
2284521981f16053dae08194ef371cb3
Targets
-
-
Target
bd2c8055bd48f3b3b00550250f4851e7f5995a034005d5af589a33ac1dc36954
-
Size
367KB
-
MD5
a1c88160806213516c95141ac3923a20
-
SHA1
00d4953bcd3a3e6bac804624a51979be566c1764
-
SHA256
bd2c8055bd48f3b3b00550250f4851e7f5995a034005d5af589a33ac1dc36954
-
SHA512
e666f51829c1d6dff19528d3f493c09ecc146551be8f9598792961a0ebb04b60cf4cb9bd52bc2d24fc51557d606a2e0ceebee61be25d6910e13c2bd9ebae3f04
-
SSDEEP
6144:vOUFTUZR/yTVz3qJrrEt3Inb4rbbztHFjUvRaspByPfe9T6OyLXi9lvgBdSHk:GO4n/Ed3q1rW3Inb4rDthWTpQ29T6UxF
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-