Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8fa4a6c523ea164810039b279197b46e473f997f25f4e9cc936b39ee79df99ad
-
Size
257KB
-
Sample
221105-ywmdqshdg4
-
MD5
752f3c51cec694c17bdc6f881e5ad740
-
SHA1
61f2686c1ba4b7da72a2047ba1552240618e005d
-
SHA256
8fa4a6c523ea164810039b279197b46e473f997f25f4e9cc936b39ee79df99ad
-
SHA512
3a1960a621be977c0663543ea79ce2daf2ab05e5ff2c872878d1c03a9e53ee37e5a645e29de421862a54a653d7b986e8034b2237e2697ecad518967278e4d7c1
-
SSDEEP
6144:jUTIt3vbSenezxXnyg6QpOwY1en1pBAhcs3zd+QYMbl:jUTIt3vbSnyg/OHd+vQl
Static task
static1
Behavioral task
behavioral1
Sample
8fa4a6c523ea164810039b279197b46e473f997f25f4e9cc936b39ee79df99ad.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
Google2
167.235.71.14:20469
-
auth_value
fb274d9691235ba015830da570a13578
Targets
-
-
Target
8fa4a6c523ea164810039b279197b46e473f997f25f4e9cc936b39ee79df99ad
-
Size
257KB
-
MD5
752f3c51cec694c17bdc6f881e5ad740
-
SHA1
61f2686c1ba4b7da72a2047ba1552240618e005d
-
SHA256
8fa4a6c523ea164810039b279197b46e473f997f25f4e9cc936b39ee79df99ad
-
SHA512
3a1960a621be977c0663543ea79ce2daf2ab05e5ff2c872878d1c03a9e53ee37e5a645e29de421862a54a653d7b986e8034b2237e2697ecad518967278e4d7c1
-
SSDEEP
6144:jUTIt3vbSenezxXnyg6QpOwY1en1pBAhcs3zd+QYMbl:jUTIt3vbSnyg/OHd+vQl
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-