General
- Target: file.exe
- Size: 1.4MB
- Sample: 221104-yks25saea6
- MD5: 34fe5a37c7921bbdaacbd9d6390e5eb9
- SHA1: 69f9c57638e112232d315ef4d85af55151e9be90
- SHA256: fb510aeb78ac861e75a3d79ee2926d44121eaac29bdfac8878f2cd3cd4c2553a
- SHA512: a04662319b0385c6b59d4b6011e7e0b6effa73e978026d9d4a9744eae88a3f1d9019fae1a04427b01a134fc24e10947d86ecd9da2506bcb66ee18e4de83e34bd
- SSDEEP: 24576:D71Y1FecMTBP8fVsJzoqmT56nYNk9A0IPkpo6tNOPQBI2WI0aCw28BueGl3ejZvT:mFecANeVsoD5WYO9A7k66tNYQa26aCeV
Static task: static1
Behavioral task: behavioral1
- Sample: file.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: file.exe
- Resource: win10v2004-20220901-en
Malware Config
Extracted: redline
- 1310
- 79.137.192.57:48771
- auth_value: feb5f5c29913f32658637e553762a40e
Targets
- Target: file.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext