General
- Target: bd8ddd8ffb89f7c714dd72e2e968e813b2d5bcaa5897bfbe6eca084ef62da571
- Size: 231KB
- Sample: 221015-gw3x2sfcc3
- MD5: 7e7a634365c4c641d84c14a3e4b6d489
- SHA1: e22affddaaaf3c01a457295d9cc3ff5c835faab3
- SHA256: bd8ddd8ffb89f7c714dd72e2e968e813b2d5bcaa5897bfbe6eca084ef62da571
- SHA512: 9aeb24afbc98a3a8d827a28f51be07d5cd4b0ae9348d7683bbe7cac7a235358907a43b468e7dd64e5c4f8d2155daa384dda3bb27ec59e0f0ee6c52ba16c75ced
- SSDEEP: 3072:XXpSgQApY0x5KrgKJ5mrsOvLmIyFa0gaNnToXD0KNkjZ+3cQA:HwgQApViSrfv25gU0XD0lZ+i
Static task: static1
Behavioral task: behavioral1
- Sample: bd8ddd8ffb89f7c714dd72e2e968e813b2d5bcaa5897bfbe6eca084ef62da571.exe
- Resource: win10-20220901-en
Malware Config
Extracted
- Family: redline
- 45.15.156.37:110
- auth_value: 5b663effac3b92fe687f0181631eeff2
Targets
- Target: bd8ddd8ffb89f7c714dd72e2e968e813b2d5bcaa5897bfbe6eca084ef62da571
- Size: 231KB
Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.