Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
34ad4ae674931e5e09ef7f406a8f300dee2132cf06435e67ef211c8d48f27305
-
Size
364KB
-
Sample
220926-gx8jxsahbq
-
MD5
dcd526d6174300b006d616405723a335
-
SHA1
0e58f18c22c458340dd4afe88cc1d25d43c99aba
-
SHA256
34ad4ae674931e5e09ef7f406a8f300dee2132cf06435e67ef211c8d48f27305
-
SHA512
3d6b64bc6c6b42f5e7c1e7f0eb17544fe55a568355c6c0ad0709b01e67abe54291a708ae56f05a487cd07838dd973bc524af912c132ff6f697bc2626914d491c
-
SSDEEP
6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv
Malware Config
Extracted
redline
0002
13.72.81.58:13413
-
auth_value
866ce0ed8cfe2be77fb43a4912677698
Targets
-
-
Target
34ad4ae674931e5e09ef7f406a8f300dee2132cf06435e67ef211c8d48f27305
-
Size
364KB
-
MD5
dcd526d6174300b006d616405723a335
-
SHA1
0e58f18c22c458340dd4afe88cc1d25d43c99aba
-
SHA256
34ad4ae674931e5e09ef7f406a8f300dee2132cf06435e67ef211c8d48f27305
-
SHA512
3d6b64bc6c6b42f5e7c1e7f0eb17544fe55a568355c6c0ad0709b01e67abe54291a708ae56f05a487cd07838dd973bc524af912c132ff6f697bc2626914d491c
-
SSDEEP
6144:eEaXBUcN2BRrn1fH0N6GkBut5adsSEK69yDPhSjYlakxjTLVqoARRSTZAPdg+:/aRDNoVJKRtUdsSEK69yDPhSjYlakxjv
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-