General
Target: Setup.zip
Size: 78.0MB
Sample: 221103-1alanahebj
MD5: df1718942d28ba72f7a428e9b4abcbda
SHA1: a1b4b82ce5299583b7d97d4f32185977fcb8f747
SHA256: e0b6712565018f30a97cce0297b20d491fd2424d09eaa64ca385758f48d6f723
SHA512: 885fb91df1f922e2d3fad6a69c7561097cc6e436a033d280a09faf4c1066151ada7f5ccfb2ee3bd58a223047dcf5f919de6cfb65118735e0659a81ba0fa3fdda
SSDEEP: 1572864:PZIF/W+2Oq5ggbNx0N9zaZIF/W+2Oq5ggbNxUgI6ZIF/W+2Oq5ggbNx1r51y:PkWTOqOOkN4kWTOqOOkf6kWTOqOOlrC
Static task: static1
Behavioral task: behavioral1
  Sample: Setup.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: Setup.exe
  Resource: win10v2004-20220901-en
Malware Config
Extracted: redline
1248769308_99
spartanlivestyle.xyz:28786
auth_value: c363f8560ff21ea7f695ac60c01c4f74
Targets
Target: Setup.exe
Size: 739.9MB
MD5: da03cbe050932b35ccb6eb09eddae4f8
SHA1: 1cc5786cdf9cd4c09d33b89c0ef8ec83d719d050
SHA256: 6b7f08cef7e04fc59d680cc4151cd00fa0c3366ee30f9e42534822c61906bcdf
SHA512: a6dda04f333c9e6350976b629a73acb5db4b0cc9e0556960fccb32752010239ca20600686533d2ea0b766da30c9237fbb990bcae6d39e70b2440148b0619f1a6
SSDEEP: 3072:TbVLPY8Oqb1GXtquUbPFieoqDJMxU4vTmjiYwqRTsaBuJHPNXJ5xaJVYYPwioGu+:tDd0XtjlxU3BglPN55xowixuYH
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Uses the VBS compiler for execution
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext