Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file.exe
-
Size
347KB
-
Sample
221026-3q5eksaafl
-
MD5
5c155294b9a343f5bf1e63f64d830703
-
SHA1
d15231628a5776f8866be6b073efc90ac2b44474
-
SHA256
a4b5bc9f7e30c488564c5e46a931b3bfb876e0a5261f7aee68b6751be7dfc8c3
-
SHA512
8f05750b9b53a2b4e30ddff565f1f2405be36294b72abb611612717355d433fe39ad2a9a7b2bbc0823347a7f8c25f6d0ccdbfd793150aecc8977b05977453f4c
-
SSDEEP
6144:ZxE7gsL/d5MaLNZsWyFAQqVqLU5kD593FEzZTZpp5smIAG:ZxE0sbDMEsWy9qVv5iv3FE1JeqG
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
redline
Fote
79.137.199.60:4691
-
auth_value
e063cd2fd03a8d8334b8d7c3a7b0e7ef
Targets
-
-
Target
file.exe
-
Size
347KB
-
MD5
5c155294b9a343f5bf1e63f64d830703
-
SHA1
d15231628a5776f8866be6b073efc90ac2b44474
-
SHA256
a4b5bc9f7e30c488564c5e46a931b3bfb876e0a5261f7aee68b6751be7dfc8c3
-
SHA512
8f05750b9b53a2b4e30ddff565f1f2405be36294b72abb611612717355d433fe39ad2a9a7b2bbc0823347a7f8c25f6d0ccdbfd793150aecc8977b05977453f4c
-
SSDEEP
6144:ZxE7gsL/d5MaLNZsWyFAQqVqLU5kD593FEzZTZpp5smIAG:ZxE0sbDMEsWy9qVv5iv3FE1JeqG
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-