General
Target: 64c03c0f3abecf51f9479209e6a24ad3374c919fe706a198c4cc6346e44782ae
Size: 261KB
Sample: 221224-1gfczsaf68
MD5: 1ab931de28de0063e1aa0b4a6643372f
SHA1: e908eef7fd2e157eecc6ca893f095c660f2dccc9
SHA256: e7832092ab2176aa1bdadc5691a5b86595e5289fe1894466d4d4b19427581657
SHA512: e97e95f800898be6288f17fdc44a63f90042463e6b3524a0010931000fc2e2eb2a00f7d3225412ea8ed0f793cdeb8e49d2b0512ea34499d01e7041cf793f2ab3
SSDEEP: 6144:2J15K8MWNkQeeLd7IKlA4TMYWGwEsyr7PTPWY:2J1qW+k3dw47TWY
Static task: static1
Behavioral task: behavioral1
Sample: 64c03c0f3abecf51f9479209e6a24ad3374c919fe706a198c4cc6346e44782ae.exe
Resource: win7-20221111-en
Malware Config
Extracted
redline
shakur
31.41.244.198:4083
auth_value: 77cf57cf0231c3bc6ab7b37cc351aa82
Targets
Target: 64c03c0f3abecf51f9479209e6a24ad3374c919fe706a198c4cc6346e44782ae
Size: 344KB
MD5: 5e63f777438c8809dd4803f4ef76b0f5
SHA1: 3965f638ddf3e91fe50c05a3414378da3ecef77f
SHA256: 64c03c0f3abecf51f9479209e6a24ad3374c919fe706a198c4cc6346e44782ae
SHA512: 81bcbbcbf59bcebed1b20a0f899ef59dc1847b684b55fd6f48fecd541f1f930639087fbe25349026cc558c21e6ca8c849a4eb5933e3a0e70c0fa3ac03dfdb142
SSDEEP: 6144:/aL216yrWNkQeoLd7IqlA4VMYWG4EsaMKX:ya16yrW+SVP4YrX

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.