General
Target: a6013a8c88d99b77fdd5eb6196e72e72131fbcd37b9f642cf0cdc735f94788ab
Size: 307KB
Sample: 230103-eq3zrach7x
MD5: b5d961656a8f3f197347f41db3f83bb2
SHA1: 8bdde2061f77de923b25287e1abb96783b4f0d5c
SHA256: a6013a8c88d99b77fdd5eb6196e72e72131fbcd37b9f642cf0cdc735f94788ab
SHA512: 674dafc76d35c2e8886d22646fae8298b0b9559ea9cdd092039b135016f2f440bf287d0da1363a17e9ca228c3132d4bbde4af33d590e9daa3182ae7c73d337d0
SSDEEP: 3072:60o29L0wEHq5JbBvKQehsOOdXwIO/BMS7AJ9GS7U+rIH8d8ScEZ/Nu6nghWysim8:k+LaHybJKQMePEXH8SSVlKbHv
Static task: static1
Malware Config
Extracted family: redline
Botnet: sport
C2: 31.41.244.98:4063
auth_value: 82cce55eeb56b322651e98032c09d225
Targets
Target: a6013a8c88d99b77fdd5eb6196e72e72131fbcd37b9f642cf0cdc735f94788ab
Size: 307KB
MD5: b5d961656a8f3f197347f41db3f83bb2
SHA1: 8bdde2061f77de923b25287e1abb96783b4f0d5c
SHA256: a6013a8c88d99b77fdd5eb6196e72e72131fbcd37b9f642cf0cdc735f94788ab
SHA512: 674dafc76d35c2e8886d22646fae8298b0b9559ea9cdd092039b135016f2f440bf287d0da1363a17e9ca228c3132d4bbde4af33d590e9daa3182ae7c73d337d0
SSDEEP: 3072:60o29L0wEHq5JbBvKQehsOOdXwIO/BMS7AJ9GS7U+rIH8d8ScEZ/Nu6nghWysim8:k+LaHybJKQMePEXH8SSVlKbHv
Signatures
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.