General
-
Target
file
-
Size
1.8MB
-
Sample
221106-msh2csaddn
-
MD5
c4a34dadd5bdd435bbd2b601216a8845
-
SHA1
0e98ada0fb38b22ce20aff1d5c1bca3959e330bc
-
SHA256
6dc671b1584fa593d98f07d458f6f251b7a5be61d06a5fc8e197906010f5f30e
-
SHA512
44eecce62f327a64e1f002c3b46a45a8b0c95e844f4d7c91f5ad3db9fd83bf2eeb927bc3df544c60b2c2e0fe7aa455bbacc844f581cccf4762dcbd5b1fe0aa40
-
SSDEEP
24576:iPXk9u1zxwjp6oU3e4Kspw8NWOY4hqPGWXYQJk/8mckkcmOJZGyzzoV:x9u1VINB45pTtpmGGCsUmq74V
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
redline
Ross Trafer
79.137.204.225:35366
-
auth_value
c13df8b0f711231b91be845c727b3945
Targets
-
-
Target
file
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-