Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b45c369861674c8d94c2249c1983488585904f21898330a3b435d9d5a5a6c5d1
-
Size
124KB
-
Sample
230103-d91s3ach2z
-
MD5
3e563a57d564aabc935df209fab7726e
-
SHA1
b2507e59a25674ced81dbdef5bed215d651b9389
-
SHA256
5e0785abbbf807afc984a87eed6739c071ae85c2025c1b5c44eaa4a6561c2b76
-
SHA512
bded17559641f7d5f777583fa80a303bcf24882968ead63e4d9d29aab591ebc83ffc318474125f401e77ee4dd2357a17e95a985fccfed688a43247e3a617cec6
-
SSDEEP
3072:Lqyr7tSAArTxlZQSC+B4OiiLgHbPz/NdOYBuQr0cu:n7SrTHZQaBtJgHbPzFP0cu
Static task
static1
Behavioral task
behavioral1
Sample
b45c369861674c8d94c2249c1983488585904f21898330a3b435d9d5a5a6c5d1.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b45c369861674c8d94c2249c1983488585904f21898330a3b435d9d5a5a6c5d1.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
redline
pub4
89.22.231.25:45245
-
auth_value
0da82ae70515a79fe7ddf40ce11d2c47
Targets
-
-
Target
b45c369861674c8d94c2249c1983488585904f21898330a3b435d9d5a5a6c5d1
-
Size
285KB
-
MD5
90c10a5ed9337bea9e9f7ba220d286c3
-
SHA1
c12914a4bba77df18707d96cb05991aa847d7487
-
SHA256
b45c369861674c8d94c2249c1983488585904f21898330a3b435d9d5a5a6c5d1
-
SHA512
c84946f98ba7e88445ab7738da694610f914087696f9839224f994770934ba22bf4501319d4789cef1bb63694c6bec35866d54518aae8efdbccbb7616e3c8880
-
SSDEEP
6144:KWd94PYZfJfeB76+rG2lL0BEWD1wjMSfsog4DCRl:KWd94PYRmGKYBEWhwbfbg4DCP
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-