General
Target: ad704ae529bf043358e8393838ccea12.exe
Size: 282KB
Sample: 230102-mghlfsdh64
MD5: ad704ae529bf043358e8393838ccea12
SHA1: b5baed3a38a0eea3a30214821b4e64eb0006fd1f
SHA256: e6695283447e08a992fde58b23bb0e3bcdf8111d69ba3caf96b16869b3c994e6
SHA512: ab12192d56433ac4364401771f3ba17f187af9190c9bc4cacce2b1ccc0da42ed096d7c3936612158ba8f2b351464c8a46e1db78bebc6d9d3baeefe6614ec0052
SSDEEP: 3072:MJ4fA8oE7AvZdlCR+zM/rgITMWPYlO4myQ9B0nk0kebT4tAMq/HhMlun5jHMusH:cWA8oEoCRj/rVTF9mnjcA7ZQu54us
Static task: static1
Behavioral task: behavioral1
Sample: ad704ae529bf043358e8393838ccea12.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: ad704ae529bf043358e8393838ccea12.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted family: redline
C2: 95.216.252.182:4277
auth_value: a909e2aaecf96137978fea4f86400b9b
Targets
Target: ad704ae529bf043358e8393838ccea12.exe
Size: 282KB
MD5: ad704ae529bf043358e8393838ccea12
SHA1: b5baed3a38a0eea3a30214821b4e64eb0006fd1f
SHA256: e6695283447e08a992fde58b23bb0e3bcdf8111d69ba3caf96b16869b3c994e6
SHA512: ab12192d56433ac4364401771f3ba17f187af9190c9bc4cacce2b1ccc0da42ed096d7c3936612158ba8f2b351464c8a46e1db78bebc6d9d3baeefe6614ec0052
SSDEEP: 3072:MJ4fA8oE7AvZdlCR+zM/rgITMWPYlO4myQ9B0nk0kebT4tAMq/HhMlun5jHMusH:cWA8oEoCRj/rVTF9mnjcA7ZQu54us
Score: 10/10
Family: RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext