General
Target: 52c6a788856cae9e0842a8ba75927d6be1e56303746923b7362aa4e9cddbca07
Size: 331KB
Sample: 221228-skab5saf72
MD5: 57c42d252c60ca5779c6548def1fa356
SHA1: 212eed346e7da36b6379d86a925d42da3b81aef5
SHA256: 16a13fe68982acf3d2526ae1fa3668de854c005a74df8a73090f498a310c4abf
SHA512: 1b176cd4069f599b7dbb765c97807c563bad30c6bead6002d075c63a8491eccc6d5355646fc3354f0e0b305f33c51e6c41c4937d03e3d0a8dc1fb655bc31acea
SSDEEP: 6144:ooLF8IScSYbqx+d20CFCXKcHgJ3rXQ+69RGPfeuGqVjLOzlc1bYELzgSl:oo5iFYsC2A+69AeuXjulwLXl
Static task: static1
Behavioral task: behavioral1
Sample: 52c6a788856cae9e0842a8ba75927d6be1e56303746923b7362aa4e9cddbca07.exe
Resource: win7-20220812-en
Malware Config
Extracted
redline
@new@2023
77.73.133.62:22344
auth_value: 8284279aedaed026a9b7cb9c1c0be4e4
Targets
Target: 52c6a788856cae9e0842a8ba75927d6be1e56303746923b7362aa4e9cddbca07
Size: 434KB
MD5: 9d24e422f8c4bf121a0ce901cf7997c9
SHA1: 4c2ac238d8416af7c1ebd2c79841f6eb57dce402
SHA256: 52c6a788856cae9e0842a8ba75927d6be1e56303746923b7362aa4e9cddbca07
SHA512: 1f958765bc9578c9c1748ff32490dd9ee11584aa6a73066ff6a6affaee988b2715529daeaa8fb5b6b49c6d83d959890691407504fec87af1a169a451972ee5ba
SSDEEP: 6144:6a3LtcSf08IScSYpqx+Z20CFCXKOH8J3rHQ+69RGPy991VN9UZdLaYon5Jk4eROz:/35siFYGCCw+69AqAdin5JF
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.