Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bd40336588cb5f490f89cbb65510b4a8945608f36c49542d59cfa9915a7b4736
-
Size
1.4MB
-
Sample
221103-l3w6asbchj
-
MD5
0a507e42406ab120c12eda49853c7a95
-
SHA1
870832058c47fa7edf6af705e926d82716cd855c
-
SHA256
bd40336588cb5f490f89cbb65510b4a8945608f36c49542d59cfa9915a7b4736
-
SHA512
cda0a1317dfd2799161498a51dda83d07d6eaed283a4bd43f17341be709fa6b4a69e5370ace44df3b14ad24308ab1fb24dba29ab71b6d10c16c82233ef20b452
-
SSDEEP
24576:851Y/eaCUXf9V4e+3wpvtLDaSz9rk3fKaTIs5C69ufScu/+BR274numvPKb0fHof:feaCUXfXz+3wpvtKS9k3XzLuqcu/mR2J
Static task
static1
Behavioral task
behavioral1
Sample
bd40336588cb5f490f89cbb65510b4a8945608f36c49542d59cfa9915a7b4736.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
1310
79.137.192.57:48771
-
auth_value
feb5f5c29913f32658637e553762a40e
Targets
-
-
Target
bd40336588cb5f490f89cbb65510b4a8945608f36c49542d59cfa9915a7b4736
-
Size
1.4MB
-
MD5
0a507e42406ab120c12eda49853c7a95
-
SHA1
870832058c47fa7edf6af705e926d82716cd855c
-
SHA256
bd40336588cb5f490f89cbb65510b4a8945608f36c49542d59cfa9915a7b4736
-
SHA512
cda0a1317dfd2799161498a51dda83d07d6eaed283a4bd43f17341be709fa6b4a69e5370ace44df3b14ad24308ab1fb24dba29ab71b6d10c16c82233ef20b452
-
SSDEEP
24576:851Y/eaCUXf9V4e+3wpvtLDaSz9rk3fKaTIs5C69ufScu/+BR274numvPKb0fHof:feaCUXfXz+3wpvtKS9k3XzLuqcu/mR2J
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-