General
Target: ff5323a32673dda6983d1bc8a5840c7980ef231758b6128834d2e3432d53d790
Size: 358KB
Sample: 230103-182qasdb23
MD5: 28ee8c7da8d0e960570a4f81eaee2d1a
SHA1: 5ab7f96575352911f2d0cf7bf808c35b0e6aef87
SHA256: ff5323a32673dda6983d1bc8a5840c7980ef231758b6128834d2e3432d53d790
SHA512: 016c48199401b51260375b60c75d5348fd90e281838aeec5f5b28b118b30e28dbc8b873cd2160514f56dcb584a95599fd348c8f67b3e467a513f5c96514b9fe5
SSDEEP: 6144:AALS8KMuEODgHX/nBXld1Ua/2lXYDBN7JRGbv8inE8SDD0SV4b7i:AAm8KMuEjvD+wrS4Um4bu
Static task: static1
Behavioral task: behavioral1
Sample: ff5323a32673dda6983d1bc8a5840c7980ef231758b6128834d2e3432d53d790.exe
Resource: win7-20221111-en
Malware Config
Extracted
Family: redline
Botnet: sport
C2: 31.41.244.98:4063
auth_value: 82cce55eeb56b322651e98032c09d225
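The extracted configuration above is the most immediately actionable part of the report: a fixed C2 endpoint (31.41.244.98 on TCP 4063) that this build connects to. The following PowerShell is an added example, not part of the tria.ge report and not RedLine code; it hunts for live connections to that endpoint on a Windows host, maps them to the owning process, and adds an outbound block rule. The endpoint values are taken from the report's extracted config; the firewall rule name is an assumption.

```powershell
# Added example (not from the tria.ge report). The C2 host/port come from the
# report's extracted RedLine config; the rule display name is an assumption.
$C2Host = '31.41.244.98'
$C2Port = 4063

# Return every established/pending TCP connection to the C2 endpoint,
# joined to the owning process so the implant can be identified and killed.
function Find-C2Connections {
    param([string]$RemoteHost, [int]$RemotePort)
    # Get-NetTCPConnection writes an error when nothing matches; suppress it.
    Get-NetTCPConnection -RemoteAddress $RemoteHost -RemotePort $RemotePort -ErrorAction SilentlyContinue |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalPort   = $_.LocalPort
                State       = $_.State
                Pid         = $_.OwningProcess
                ProcessName = $proc.ProcessName
                Path        = $proc.Path
            }
        }
}

# Add an outbound Windows Firewall block for the endpoint (idempotent: skipped
# if a rule with the same display name already exists). Requires an elevated shell.
function Block-C2Endpoint {
    param(
        [string]$RemoteHost,
        [int]$RemotePort,
        [string]$Name = 'Block RedLine C2 (tria.ge 230103-182qasdb23)'  # assumed name
    )
    if (-not (Get-NetFirewallRule -DisplayName $Name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $Name -Direction Outbound -Action Block `
            -Protocol TCP -RemoteAddress $RemoteHost -RemotePort $RemotePort -Profile Any | Out-Null
    }
}

Find-C2Connections -RemoteHost $C2Host -RemotePort $C2Port | Format-Table -AutoSize
Block-C2Endpoint -RemoteHost $C2Host -RemotePort $C2Port
```

The IP and port are specific to this build; RedLine is sold as a builder and each operator sets their own C2, so treat the endpoint as a sample-level indicator rather than a family-level one. The Botnet name ("sport") and auth_value are likewise per-campaign values from this configuration and are useful for clustering related samples, not for blocking.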
Targets
Target: ff5323a32673dda6983d1bc8a5840c7980ef231758b6128834d2e3432d53d790
Size: 358KB
MD5: 28ee8c7da8d0e960570a4f81eaee2d1a
SHA1: 5ab7f96575352911f2d0cf7bf808c35b0e6aef87
SHA256: ff5323a32673dda6983d1bc8a5840c7980ef231758b6128834d2e3432d53d790
SHA512: 016c48199401b51260375b60c75d5348fd90e281838aeec5f5b28b118b30e28dbc8b873cd2160514f56dcb584a95599fd348c8f67b3e467a513f5c96514b9fe5
SSDEEP: 6144:AALS8KMuEODgHX/nBXld1Ua/2lXYDBN7JRGbv8inE8SDD0SV4b7i:AAm8KMuEjvD+wrS4Um4bu
Signatures
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
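The "Checks installed software" signature fires because the stealer reads the per-machine and per-user Uninstall keys, which is how Windows itself builds the Programs and Features list. The PowerShell below is an added example, not part of the tria.ge report and not RedLine's code: it walks the same three Uninstall locations and returns the fields a stealer typically collects, and then shows how to make such reads visible in the Security log, since ordinary Sysmon registry events (IDs 12, 13, 14) only cover key creation, value writes and renames, not reads. The audit rule parameters are a reasonable starting point, not a tested baseline.

```powershell
# Added example (not from the tria.ge report). Reproduces the Uninstall-key
# enumeration described by the "Checks installed software" signature.
function Get-UninstallEntries {
    $paths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',              # 64-bit apps
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',  # 32-bit apps on x64
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'               # per-user installs
    )
    foreach ($p in $paths) {
        if (-not (Test-Path -Path $p)) { continue }
        Get-ChildItem -Path $p | ForEach-Object {
            $props = Get-ItemProperty -Path $_.PSPath
            # Entries without a DisplayName are hidden from Programs and Features;
            # stealers usually skip them too.
            if ($props.DisplayName) {
                [pscustomobject]@{
                    Hive        = $p.Split('\')[0]
                    KeyName     = $_.PSChildName
                    DisplayName = $props.DisplayName
                    Version     = $props.DisplayVersion
                    Publisher   = $props.Publisher
                }
            }
        }
    }
}

# Make reads of the Uninstall key auditable: add a SACL entry so that
# EnumerateSubKeys/QueryValues by any principal produces Security Event ID 4663.
# Requires an elevated shell and the "Registry" object-access audit subcategory.
function Enable-UninstallKeyReadAudit {
    param([string]$Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall')
    auditpol /set /subcategory:"Registry" /success:enable | Out-Null
    $acl  = Get-Acl -Path $Key -Audit
    $rule = New-Object System.Security.AccessControl.RegistryAuditRule(
        'Everyone',
        'EnumerateSubKeys,QueryValues',
        'ContainerInherit,ObjectInherit',
        'None',
        'Success')
    $acl.AddAuditRule($rule)
    Set-Acl -Path $Key -AclObject $acl
}

# Pull the resulting 4663 events and keep only those touching an Uninstall key.
function Get-UninstallKeyAccessEvents {
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4663 } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match '\\CurrentVersion\\Uninstall' }
}

Get-UninstallEntries | Sort-Object DisplayName | Format-Table -AutoSize
```

Expect noise from this audit rule: installers, Windows Update and inventory agents read the same keys legitimately, so the useful signal is the process name in the 4663 event (an unsigned binary in a user-writable path enumerating all three hives in quick succession), not the read itself. The enumeration function is also a convenient way to diff a clean baseline against a host where this sample ran, to confirm the behaviour is read-only.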