General
Target: 6797b4f2d6ca012553f8ef49902fe247e2fb6a1bae4608a4c3c6f6610e3c6289
Size: 398KB
Sample: 221227-sxjrcaac5y
MD5: a832d660925ae99429504a4f609591e6
SHA1: 6162a26f9118c792ebc5cf43c191413f18f2313e
SHA256: 6797b4f2d6ca012553f8ef49902fe247e2fb6a1bae4608a4c3c6f6610e3c6289
SHA512: f69c16db3317b6501974d66070f257bdf4c92865a19d10d664e064f68541da26cd756784923e4f836d2ae371021f2b9425fc4013841bc01e6f7a0488f97d7160
SSDEEP: 6144:aaLLPh666c/J6MYTHYaFw6gtxJL3AvF758xQ3xDPkMo5zXbAc:fLzk66cR6fTjTQxJTAvZ58xaxDPyrbA
Static task
static1
Malware Config
Extracted
redline
shakur
31.41.244.198:4083
auth_value: 77cf57cf0231c3bc6ab7b37cc351aa82
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.