General
- Target: f3cf62907da44c4e0fa28d0e246a56f6f35aaeb14b3cdd31e01a6642f2d00726
- Size: 303KB
- Sample: 221203-zmsptsdg98
- MD5: a41c92abe75fefebf312769d58d6bc21
- SHA1: bff6425b2f3f4f5e94e7ec6aa20e5a81d18e1665
- SHA256: 37fb073fa6c047a70913ff09adadbf51e2b63ddcdeb5f2a3c169e5a14f360af8
- SHA512: e7a5f564bc34257521eed4c9a936ebb34cf00f11eb366acae7b0832e5cc02841f02baaff0c8c643bc1bc90792aa4b53615e6557046606d81026af1ca911bfb20
- SSDEEP: 6144:JU2EZbaIl5lWjaQna5jN+fglOBo4cC8iyFVD9v15A+7UHfpsMQjo3LX:JRcdvlWjHnt04R8iyFVpvP+Hfpao3LX
Static task: static1
Behavioral task: behavioral1
- Sample: f3cf62907da44c4e0fa28d0e246a56f6f35aaeb14b3cdd31e01a6642f2d00726.exe
- Resource: win7-20221111-en
Malware Config
Extracted
- Family: redline
- Botnet: NewDef2023
- C2: 185.106.92.214:2510
- auth_value: 048f34b18865578890538db10b2e9edf
Targets
- Target: f3cf62907da44c4e0fa28d0e246a56f6f35aaeb14b3cdd31e01a6642f2d00726
- Size: 459KB
- MD5: 87f4e43658c1e006f3229d9afd2ee660
- SHA1: 4745997874d879ca66a9e4672b84896a6da0927f
- SHA256: f3cf62907da44c4e0fa28d0e246a56f6f35aaeb14b3cdd31e01a6642f2d00726
- SHA512: 33d55240ba9e48e56e743859194abe9b22f9cf1664d9657a635e8a0de38641ffb2bdf9ea7e6ab1bbafc49e3602132f4ca641b93e64c3537310a69c251b8017c1
- SSDEEP: 6144:XZzIcVLLAMjOKRjvi/aQna5fN+fglyBo4cC8IyFVD9v15a+7UHfXGuRjMgUW:XVpVNjO7/Hnnu4R8IyFVpvPMHfRQg
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
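The hashes and the extracted RedLine config above are the hunt-ready output of this report. As an added example (not tria.ge's code and not RedLine's), the Python below turns those values into validated indicators and runs them over a few constructed firewall/EDR-style log lines. The hash and config values are copied from this page; the log lines, their field names, and the REPORT_FILES / REDLINE_CONFIG structures are assumptions for illustration. Note that the General block and the Targets entry carry different sizes and hashes, so the extractor keeps both file objects rather than assuming they describe one file.

```python
"""Validated, hunt-ready indicators from the tria.ge report values on this page.

Added example, not tria.ge's code and not RedLine's. The hashes and the
extracted config are copied from the report; the log lines, the log field
names and the data structures below are constructed for illustration.
"""
import ipaddress
import re

HEX_LENGTHS = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# The General block and the Targets entry carry different sizes and hashes,
# so each is kept as its own file object rather than merged.
REPORT_FILES = [
    {"section": "General", "size_kb": 303,
     "MD5": "a41c92abe75fefebf312769d58d6bc21",
     "SHA1": "bff6425b2f3f4f5e94e7ec6aa20e5a81d18e1665",
     "SHA256": "37fb073fa6c047a70913ff09adadbf51e2b63ddcdeb5f2a3c169e5a14f360af8"},
    {"section": "Targets", "size_kb": 459,
     "MD5": "87f4e43658c1e006f3229d9afd2ee660",
     "SHA1": "4745997874d879ca66a9e4672b84896a6da0927f",
     "SHA256": "f3cf62907da44c4e0fa28d0e246a56f6f35aaeb14b3cdd31e01a6642f2d00726"},
]

# Extracted RedLine config as shown in the report.
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "NewDef2023",
    "c2": ["185.106.92.214:2510"],
    "auth_value": "048f34b18865578890538db10b2e9edf",
}

# Constructed firewall/EDR-style lines (field names are assumptions). Line 4
# carries a near-miss IP to show that host matching is boundary-aware.
SAMPLE_LOGS = [
    "2022-12-03T20:30:11Z fw allow src=10.0.0.15 dst=185.106.92.214 dport=2510 proto=tcp",
    "2022-12-03T20:30:12Z fw allow src=10.0.0.15 dst=8.8.8.8 dport=53 proto=udp",
    "2022-12-03T20:31:00Z edr file_write sha256=F3CF62907DA44C4E0FA28D0E246A56F6F35AAEB14B3CDD31E01A6642F2D00726",
    "2022-12-03T20:31:05Z fw allow src=10.0.0.15 dst=185.106.92.21 dport=443 proto=tcp",
]


def validate_hash(kind, value):
    """Return the lowercase hex digest if it has the expected length, else None."""
    value = value.strip().lower()
    if len(value) != HEX_LENGTHS[kind] or not re.fullmatch(r"[0-9a-f]+", value):
        return None
    return value


def parse_c2(entry):
    """Split a 'host:port' config entry; the host may be an IP address or a domain."""
    host, sep, port = entry.strip().rpartition(":")
    if not sep or not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"bad C2 entry: {entry!r}")
    try:
        host, kind = str(ipaddress.ip_address(host)), "ip"
    except ValueError:
        kind = "domain"
    return {"type": kind, "host": host.lower(), "port": int(port)}


def build_iocs(files, config):
    """Deduplicated indicator list: file hashes plus the C2 endpoints from the config."""
    iocs, seen = [], set()
    for f in files:
        for kind in ("MD5", "SHA1", "SHA256"):
            digest = validate_hash(kind, f[kind])
            if digest is None:
                raise ValueError(f"malformed {kind} in {f['section']} block")
            if digest not in seen:
                seen.add(digest)
                iocs.append({"type": kind.lower(), "value": digest, "source": f["section"]})
    for entry in config["c2"]:
        c2 = parse_c2(entry)
        key = (c2["host"], c2["port"])
        if key not in seen:
            seen.add(key)
            iocs.append({"type": "c2", "value": c2,
                         "family": config["family"], "botnet": config["botnet"]})
    return iocs


def match_logs(iocs, lines):
    """Scan log lines for the IOCs; a C2 hit also records whether the port appears."""
    hits = []
    for number, line in enumerate(lines, 1):
        lower = line.lower()
        for ioc in iocs:
            if ioc["type"] == "c2":
                host, port = ioc["value"]["host"], ioc["value"]["port"]
                if re.search(rf"(?<![\w.]){re.escape(host)}(?![\w.])", lower):
                    port_seen = re.search(rf"(?<!\d){port}(?!\d)", lower) is not None
                    hits.append({"line": number, "type": "c2", "value": host, "port_seen": port_seen})
            elif ioc["value"] in lower:
                hits.append({"line": number, "type": ioc["type"], "value": ioc["value"]})
    return hits


if __name__ == "__main__":
    for hit in match_logs(build_iocs(REPORT_FILES, REDLINE_CONFIG), SAMPLE_LOGS):
        print(hit)
```

Hashes are compared as substrings after lowercasing, which tolerates the mixed case that EDR exports often use; the C2 host is matched with boundary checks so that a neighbouring address such as 185.106.92.21 does not fire, and the port is reported separately because many connection logs place it in its own field.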