General
Target: file.exe
Size: 802KB
Sample: 221203-yd39jadf7s
MD5: 266531bc43d8aa514ef4ac6bbf06fbce
SHA1: f398542a6db9d63ffaa6b221792b561b045533c9
SHA256: 1570f6daac9b4567a4c1f68da417ac43adbeadedc94a2ec92d8f6341f08bb85d
SHA512: aa35b78c1f374b0585da1cb87ab2f368798cfd9476864efcbd235a02597be46bd6ee66ab170dc328e661b4e68ad8b90c57d544ec704d1b369b5c181be22a8394
SSDEEP: 24576:rm5bRpdKx7w7eGXo3G4bZlZDckCo8xvQkf7Rh:m7eGXo2CDckz4vpf7Rh
Static task: static1
Behavioral task: behavioral1 (Sample: file.exe; Resource: win7-20220812-en)
Behavioral task: behavioral2 (Sample: file.exe; Resource: win10v2004-20220812-en)
Malware Config
Extracted: redline
@andriii_ff
176.124.220.67:30929
auth_value: 525a7ad8080b3552f2f7735af7644111
Targets
Target: file.exe (size and hashes as listed under General)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Uses the VBS compiler for execution
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext