General
- Target: 279d687eec84cee9e0c96d5b5a68327acce6b80593fa0396d5848339fce3a302
- Size: 333KB
- Sample: 221218-17g99sgg6y
- MD5: cca9077b425936e83114909afef08929
- SHA1: 3b5136cc68871b1b1c875177771ec67471ef9a9e
- SHA256: 279d687eec84cee9e0c96d5b5a68327acce6b80593fa0396d5848339fce3a302
- SHA512: 969ce7046173b3ef147438e348a69aa7c4bb194cc0659cb7ea3808909f8d37ce7fbfd9a1cd1dd233a301378ec8b3c176d322161918479d9968bd9e6e0f813dd4
- SSDEEP: 6144:Q86gTLIknoLHVvai7t6Et174H57Jcm1oQLenFKalsKeBg3CqqVoU0VB:Q86KEUobtFt6Et1m57JcUasKemSJ9O
Static task: static1
Behavioral task: behavioral1
- Sample: 279d687eec84cee9e0c96d5b5a68327acce6b80593fa0396d5848339fce3a302.exe
- Resource: win7-20221111-en
Malware Config
- Extracted: redline
- nokia
- 31.41.244.198:4083
- auth_value: 3b38e056d594ae0cf1368e6e1daa3a4e
Targets
- Target: 279d687eec84cee9e0c96d5b5a68327acce6b80593fa0396d5848339fce3a302 (hashes as listed under General above)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.